ldm - 手册页部分 8：系统管理命令

语言：

ldm (8)

名称

ldm - line interface for the Logical Domains Manager

用法概要

ldm or ldm --help [subcommand]

ldm -V

ldm subcommand [option]... [operand]...

描述

ldm(8) System Administration ldm(8)

NAME
ldm - command-line interface for the Logical Domains Manager

SYNOPSIS
ldm or ldm --help [subcommand]

ldm -V

ldm subcommand [option]... [operand]...

DESCRIPTION
The ldm command interacts with the Logical Domains Manager and is used
to create and manage logical domains. The Logical Domains Manager runs
on the control domain, which is the initial domain created by the ser-
vice processor. For those platforms that have physical domains, the
Logical Domains Manager runs only in the control domain of each physi-
cal domain. The control domain is named primary.

A logical domain is a discrete logical grouping with its own operating
system, resources, and identity within a single computer system. Each
logical domain can be created, destroyed, reconfigured, and rebooted
independently, without requiring a power cycle of the server. You can
use logical domains to run a variety of applications in different
domains and keep them independent for security purposes.

All logical domains are the same and can be distinguished from one
another based on the roles that you specify for them. The following are
the roles that logical domains can perform:

Control domain Creates and manages other logical domains and ser-
vices by communicating with the hypervisor.

Service domain Provides services to other logical domains, such as a
virtual network switch or a virtual disk service.

I/O domain Has direct access to a physical I/O device, such as a
network card in a PCI EXPRESS (PCIe) controller or a
single-root I/O virtualization (SR-IOV) virtual func-
tion. An I/O domain can own a PCIe root complex, or
it can own a PCIe slot or on-board PCIe device by
using the direct I/O feature and an SR-IOV virtual
function by using the SR-IOV feature.

An I/O domain can share physical I/O devices with
other domains in the form of virtual devices when the
I/O domain is also used as a service domain.

Root domain Has a PCIe root complex assigned to it. This domain
owns the PCIe fabric and all connected devices, and
provides all fabric-related services, such as fabric
error handling. A root domain owns all of the SR-IOV
physical functions from which you can create virtual
functions and assign them to I/O domains. A root
domain is also an I/O domain, as it owns and has
direct access to physical I/O devices.

The number of root domains that you can have depends
on your platform architecture. See your platform doc-
umentation for more information.

The default root domain is the primary domain.

Guest domain Uses services from the I/O and service domains and is
managed by the control domain.

You can use the Logical Domains Manager to establish dependency rela-
tionships between domains.

Master domain A domain that has one or more domains that depend on
it. A slave domain enacts a failure policy when the
master domain fails. For instance, a slave can be left
as-is, panicked, rebooted, or stopped when the master
domain fails.

Slave domain A domain that depends on another domain. A domain can
specify up to four master domains. When one or more of
the master domains fail, the failure policy dictates
the slave domain's behavior.

SUBCOMMAND SUMMARIES
Following are the supported subcommands along with a description and
required authorization for each. For information about setting up
authorization for user accounts, see Using Rights Profiles and Roles in
Oracle VM Server for SPARC 3.6 Administration Guide.

Subcommand Description Authorization
-----------------------------------------------------------------------------------
add-resource Adds a resource to an existing logical solaris.ldoms.write
domain.
add-domain Creates a logical domain. solaris.ldoms.write
add-policy Adds a resource management policy to an solaris.ldoms.write
existing logical domain.
add-spconfig Adds an SP configuration to the service solaris.ldoms.write
processor (SP).
add-variable Adds one or more variables to a logical solaris.ldoms.write
domain.
add-vsan-dev Adds a physical device to a virtual SAN. solaris.ldoms.write
bind-domain Binds resources to a created logical solaris.ldoms.write
domain.
cancel-operation Cancels an operation, such as a delayed solaris.ldoms.write
reconfiguration (reconf), memory dynamic
reconfiguration removal (memdr), or
domain migration (migration).
cancel-reconf Cancels a delayed reconfiguration opera- solaris.ldoms.write
tion on the primary domain.
create-vf Creates one or more virtual functions. solaris.ldoms.write
destroy-vf Destroys one or more virtual functions. solaris.ldoms.write
evict-cmi Removes virtual CPUs or virtual CPU solaris.ldoms.write
cores that are associated with a spe-
cific CMI device from the logical domain
that owns the device.
grow-cmi Adds virtual CPUs or virtual CPU cores solaris.ldoms.write
that are associated with a specific CMI
device to the logical domain that owns
the device.

grow-socket Adds virtual CPUs, virtual CPU cores, or solaris.ldoms.write
virtual memory that is associated with a
specific CPU socket to an existing logi-
cal domain.
init-system Configures one or more guest domains, solaris.ldoms.write
the control domain, or both, by using an
existing configuration.
list-bindings Lists server bindings for logical solaris.ldoms.read
domains.
list-cmi Lists devices for logical domains. solaris.ldoms.read
list-constraints Lists resource constraints for logical solaris.ldoms.read
domains.
list-dependencies Lists dependencies. solaris.ldoms.read
list-devices Lists devices for logical domains. solaris.ldoms.read
list-domain Lists logical domains and their states. solaris.ldoms.read
list-hba Lists SCSI host bus adapters (HBAs) for solaris.ldoms.read
logical domains.
list-history Lists recently issued ldm commands. solaris.ldoms.read
list-hvdump Lists hypervisor data collection prop- solaris.ldoms.read
erty values.
list-io Lists I/O devices for logical domains. solaris.ldoms.read
list-logctl Lists fine-grained logging characteris- solaris.ldoms.read
tics.
list-netdev Lists network devices for logical solaris.ldoms.read
domains.
list-netstat Lists network device statistics for log- solaris.ldoms.read
ical domains.
list-permits Lists CPU core activation information. solaris.ldoms.read
list-rsrc-group Lists resource group information. solaris.ldoms.read
list-services Lists services for logical domains. solaris.ldoms.read
list-socket Lists CPU socket information. solaris.ldoms.read
list-spconfig Lists configurations for logical solaris.ldoms.read
domains.
list-variable Lists variables for logical domains. solaris.ldoms.read
list-vsan Lists members of the specified virtual solaris.ldoms.read
SAN.
migrate-domain Migrates a logical domain from one solaris.ldoms.write
machine to another.
panic-domain Panics the Oracle Solaris OS on a speci- solaris.ldoms.write
fied logical domain.
remove-resource Removes a resource from an existing log- solaris.ldoms.write
ical domain.
remove-domain Deletes a logical domain. solaris.ldoms.write
remove-policy Removes a resource management policy solaris.ldoms.write
from an existing logical domain.
remove-spconfig Removes an SP configuration from the SP. solaris.ldoms.write
remove-variable Removes one or more variables from an solaris.ldoms.write
existing logical domain.
remove-vsan-dev Removes a physical device from a virtual solaris.ldoms.write
SAN.
rescan-vhba Synchronizes the set of SCSI devices solaris.ldoms.read
that are seen by the virtual SCSI HBA
and virtual SAN.

set-resource Specifies a resource for an existing solaris.ldoms.write
logical domain. This can be either a
property change or a quantity change.
This represents a quantity change when
applied to the resources cmi, core,
vcpu, or memory. For a quantity change,
the subcommand becomes a dynamic or a
delayed reconfiguration operation, where
the quantity of the specified resource
is assigned to the specified logical
domain. If there are more resources
assigned to the logical domain than are
specified in this subcommand, some are
removed. If there are fewer resources
assigned to the logical domain than are
specified in this subcommand, some are
added. See RESOURCES for resource defi-
nitions.
set-domain Sets properties on a logical domain. solaris.ldoms.write
set-hvdump Sets property values for the hypervisor solaris.ldoms.write
data collection process.
set-io Modifies a physical function or a vir- solaris.ldoms.write
tual function.
set-logctl Specifies fine-grained logging charac- solaris.ldoms.write
teristics.
set-policy Sets properties for a resource manage- solaris.ldoms.write
ment policy to an existing logical
domain.
set-socket Constrains an existing logical domain to solaris.ldoms.write
use the virtual CPU, virtual CPU core,
and virtual memory resources that are
associated with the specified CPU sock-
ets.
set-spconfig Specifies an SP configuration to use. solaris.ldoms.write
set-variable Sets one or more variables for an exist- solaris.ldoms.write
ing logical domain.
shrink-cmi Removes virtual CPUs or virtual CPU solaris.ldoms.write
cores that are associated with a spe-
cific CMI device from the logical domain
that owns the device.
shrink-socket Removes virtual CPUs, virtual CPU cores, solaris.ldoms.write
or virtual memory that is associated
with a specific CPU socket from an
existing logical domain.
start-domain Starts one or more logical domains. solaris.ldoms.write
start-hvdump Manually starts the hypervisor data col- solaris.ldoms.write
lection process.
start-reconf Enters delayed reconfiguration mode on a solaris.ldoms.write
root domain.
stop-domain Stops one or more running domains. solaris.ldoms.write
unbind-domain Unbinds or releases resources from a solaris.ldoms.write
logical domain.

Note -

Not all subcommands are supported on all resource types.

Aliases
This section includes tables that show the short form and long form of
the ldm subcommand actions (verbs), resource names (nouns), and full
subcommands.

The following table shows the short form and long form of subcommand
actions.

Short Form Long Form
-----------------------------------------------------------
ls list
rm remove

The following table shows the short form and long form of resource
names.

Short Form Long Form
-----------------------------------------------------------
config spconfig
dep dependencies
dom domain
group rsrc-group
mem memory
var variable
vcc vconscon
vcons vconsole
vds vdiskserver
vdsdev vdiskserverdevice
vsw vswitch

The following table shows the short form and long form of subcommands.

Short Form Long Form
-----------------------------------------------------------
bind bind-domain
cancel-op cancel-operation
create add-domain
destroy remove-domain
history list-history
list list-domain
migrate migrate-domain
modify set-domain
panic panic-domain
start start-domain
stop stop-domain
unbind unbind-domain

Note -

In the syntax and examples in the remainder of this man page, the
short forms of the action and resource aliases are used.

The following table shows the short form and long form of generic com-
mand-line options.

Short Form Long Form
-----------------------------------------------------------
-a --all
-d --domain
-e --extended
-f --force
-g --group
--help --help
-l --long
-o --oformat
-p --parseable
-v --version
-x --xml

The ldm --help subcommand command shows the long option names for the
specified subcommand.

Resources
The following resources are supported:

core CPU cores.

io I/O devices, such as PCIe root complexes
and their attached adapters and devices.
Also direct I/O-assignable devices and
PCIe SR-IOV virtual functions.

mem, memory Default memory size in bytes. Or specify
gigabytes (G), kilobytes (K), or megabytes
(M). Virtualized memory of the server that
can be allocated to guest domains.

vcc, vconscon Virtual console concentrator service with
a specific range of TCP ports to assign to
each guest domain at the time it is cre-
ated.

vcons, vconsole Virtual console for accessing system-level
messages. A connection is achieved by con-
necting to the vconscon service in the
control domain at a specific port.

vcpu Each virtual CPU represents one CPU thread
of a server. See your platform documenta-
tion.

vdisk Virtual disks are generic block devices
backed by different types of physical
devices, volumes, or files. A virtual disk
is not synonymous with a SCSI disk and,
therefore, excludes the target ID (tN) in
the disk name. Virtual disks in a logical
domain have the following format: cNdNsN,
where cN is the virtual controller, dN is
the virtual disk number, and sN is the
slice.

vds, vdiskserver Virtual disk server that allows you to
export virtual disks to other logical
domains.

vdsdev, vdiskserverdevice Device exported by the virtual disk
server. The device can be an entire disk,
a slice on a disk, a file, or a disk vol-
ume.

vhba Virtual SCSI host bus adapter (HBA) that
supports the Sun Common SCSI Architecture
(SCSA) interface.

vnet Virtual network device that implements a
virtual Ethernet device and communicates
with other vnet devices in the system
using the virtual network switch (vsw).

vsan Virtual storage area network (SAN) service
that exports a set of physical SCSI
devices under a specified SCSI HBA initia-
tor port.

vsw, vswitch Virtual network switch that connects the
virtual network devices to the external
network and also switches packets between
them.

SUBCOMMAND USAGE
This section contains descriptions of every supported command-line
interface (CLI) operation, that is, every subcommand and resource com-
bination.

Add, Set, Remove, and Migrate Domains
Add Domains
The add-domain subcommand adds one or more logical domains by specify-
ing one or more logical domain names or by using an XML configuration
file. You can also specify property values to customize the domain,
such as the MAC address, the host ID, a list of master domains, and a
failure policy. If you do not specify these property values, the Logi-
cal Domains Manager automatically assigns default values.

Syntax:

ldm add-domain -i file

ldm add-domain domain-name...

where:

o -i file specifies the XML configuration file to use in cre-
ating the logical domain.

o cpu-arch=generic|native|migration-class1|sparc64-class1
specifies one of the following values:

o generic configures a guest domain for a CPU-type-inde-
pendent migration.

o native configures a guest domain to migrate only between
platforms that have the same CPU type. native is the
default value.

o migration-class1 is a cross-CPU migration family for
SPARC platforms starting with the SPARC T4, SPARC M5,
and SPARC S7 series server. These platforms support
hardware cryptography during and after these migrations
so that there is a lower bound to the supported CPUs.

Starting with the Oracle VM Server for SPARC 3.6 soft-
ware, the migration-class1 definition no longer includes
support for a 2-Gbyte page size because this page size
is not available on SPARC M8 and SPARC T8 series
servers.

So, any migration that uses migration-class1 on a source
machine that runs software prior to Oracle VM Server for
SPARC 3.6 is blocked if the target machine is a SPARC M8
or SPARC T8 series server that runs at least the Oracle
VM Server for SPARC 3.6 software. If the target machine
is not a SPARC M8 or SPARC T8 series server, the migra-
tion succeeds and the domain continues to have access to
2-Gbyte pages until any subsequent reboot. As part of
this post-migration reboot, the domain inherits the new
migration-class1 definition and loses access to 2-Gbyte
pages.

This value is not compatible with Fujitsu M10 servers
and Fujitsu SPARC M12 servers.

o sparc64-class1 is a cross-CPU migration family for
SPARC64 platforms. The sparc64-class1 value is based on
SPARC64 instructions, so it has a greater number of
instructions than the generic value. Therefore, the
sparc64-class1 value does not have a performance impact
compared to the generic value.

This value is not compatible with Oracle SPARC T-series
servers, Oracle SPARC M-series servers, or Oracle S-
series servers.

o boot-policy=enforce|none|warning specifies the verified boot
policy. When the value is enforce, boot blocks and kernel
modules are verified. Any incorrectly signed boot blocks and
modules are not loaded and the guest domain might not be
booted. However, when the value is none, no verification is
performed and the guest domain boots. The default value is
warning, which issues a warning message about any incor-
rectly signed boot blocks and kernel modules, but continues
to load the modules and boot the guest domain.

o mac-addr=MAC-address is the MAC address for this domain. The
number must be in standard octet notation, for example,
80:00:33:55:22:66.

You can allocate the following types of MAC addresses:

o Auto-allocated MAC addresses - Uses MAC addresses in the
range of 0x00:14:4f:f8:00:00 - 0x00:14:4f:fb:ff:ff. When
you automatically allocate MAC addresses, MAC address
collision detection is enabled.

o User-allocated MAC addresses - Uses MAC addresses out-
side the range of the auto-allocated MAC addresses. When
you use user-allocated MAC addresses, no MAC address
collision detection is performed.

o hostid specifies the host ID for a particular domain. If you
do not specify a host ID, the Logical Domains Manager
assigns a unique host ID to each domain.

o failure-policy specifies the failure policy, which controls
how slave domains behave when the master domain fails. This
property is set on a master domain. The default value is
ignore. Following are the valid property values:

o ignore ignores failures of the master domain (slave
domains are unaffected).

o panic panics any slave domains when the master domain
fails (similar to running the ldm panic command).

o reset stops and restarts any slave domains when the mas-
ter domain fails (similar to running the ldm stop -f
command and then the ldm start command).

o stop immediately stops any slave domains when the master
domain fails (similar to running the ldm stop -f com-
mand).

o extended-mapin-space=off disables the extended mapin space
for the specified domain. By default, the extended mapin
space is enabled.

o master specifies the name of up to four master domains for a
slave domain. This property is set on a slave domain. By
default, there are no masters for the domain. The master
domain must exist prior to an ldm add-domain operation.

Note -

The Logical Domains Manager does not permit you to create domain
relationships that result in a dependency cycle.

o rc-add-policy specifies whether to enable or disable the
direct I/O and SR-IOV I/O virtualization operations on any
root complex that might be added to the specified domain.
Valid values are iov and no value (rc-add-policy=). When rc-
add-policy=iov, the direct I/O and SR-IOV features are
enabled for a root complex that is being added. When rc-add-
policy=, the iov property value is cleared to disable the
I/O virtualization features for the root complex (unless you
explicitly set iov=on by using the add-io command). The
default value is no value.

o perf-counters=counter-set specifies the types of access to
grant to the performance counter. If no perf-counters value
is specified, the value is htstrand. You can specify the
following values for the perf-counters property:

global Grants the domain access to the global perfor-
mance counters that its allocated resources can
access. Only one domain at a time can have
access to the global performance counters. You
can specify this value alone or with either the
strand or htstrand value.

strand Grants the domain access to the strand perfor-
mance counters that exist on the CPUs that are
allocated to the domain. You cannot specify this
value and the htstrand value together.

htstrand Behaves the same as the strand value and enables
instrumentation of hyperprivilege mode events on
the CPUs that are allocated to the domain. You
cannot specify this value and the strand value
together.

To disable all access to any of the performance counters, specify
perf-counters=.

o uuid=uuid specifies the universally unique identifier (UUID)
for the domain. uuid is a hexadecimal string, such as
12345678-1234-abcd-1234-123456789abc, which consists of five
hexadecimal numbers separated by dashes. Each number must
have the specified number of hexadecimal digits: 8, 4, 4, 4,
and 12, as follows:

xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

o max-cores=[num|unlimited] specifies the maximum number of
cores that are permitted to be assigned to a domain. If the
value is unlimited, there is no constraint on the number of
CPU cores that can be allocated.

o shutdown-group=num specifies the shutdown group number for a
domain. This value is used by the SP on a Fujitsu M10 server
and a Fujitsu SPARC M12 server when an ordered shutdown is
performed.

When the SP initiates an ordered shutdown, domains are shut
down in descending order of their shutdown group number.
That is, the domain with the highest number is shut down
first, and the domain with the lowest number is shut down
last. When more than one domain shares a shutdown group num-
ber, the domains shut down concurrently. If a master domain
and a slave domain share a shutdown group number, the
domains shut down concurrently even though a master-slave
relationship exists. Therefore, when establishing a depen-
dency relationship between a master domain and a slave
domain, assign a different shutdown group number to each
domain.

Valid values are from 1 to 15. The control domain's shutdown
group number is zero (0) and cannot be changed. The default
value for any other domain is 15.

For the new shutdown-group property values to take effect,
you must use the ldm add-spconfig command to save the con-
figuration to the SP.

This property pertains only to the Fujitsu M10 platform and
the Fujitsu SPARC M12 platform.

o fj-software-limit-pagesize specifies the largest page size
for a domain. Valid settings for this property are 256
Mbytes (256MB), 2 Gbytes (2GB), or 16 Gbytes (16GB). The fj-
software-limit-pagesize property also affects live migration
alignment restrictions and the ldmd behavior when the SP
invokes the deleteboard command. If no fj-software-limit-
pagesize is specified, the platform-specific maximum page
size is applied. You can clear the fj-software-limit-page-
size property by setting fj-software-limit-pagesize=.

This property pertains only to the Fujitsu M10 platform and
the Fujitsu SPARC M12 platform.

o domain-name specifies the logical domain to be added.

Set Options for Domains
The set-domain subcommand enables you to modify properties such as
boot-policy, mac-addr, hostid, failure-policy, extended-mapin-space,
master, and max-cores for a domain. You cannot use this command to
update resources.

Note -

If the slave domain is bound, all of its specified master domains
must also be bound prior to invoking the ldm set-domain command.

Syntax:

ldm set-domain -i file

where:

o -i file specifies the XML configuration file to use in set-
ting the properties of the logical domain.

Only the ldom_info nodes specified in the XML file are
parsed. Resource nodes, such as vcpu, mau, and memory, are
ignored.

If the hostid property in the XML file is already in use,
the ldm set-domain -i command fails with the following
error:

Hostid host-ID is already in use

Before you re-run the ldm set-domain -i command, remove the
hostid entry from the XML file.

o cpu-arch=generic|native|migration-class1|sparc64-class1
specifies one of the following values:

o generic configures a guest domain for a CPU-type-inde-
pendent migration.

o native configures a guest domain to migrate only between
platforms that have the same CPU type. native is the
default value.

This value is not compatible with Fujitsu M10 servers
and Fujitsu SPARC M12 servers.

This value is not compatible with Oracle SPARC T-series
servers, Oracle SPARC M-series servers, or Oracle S-
series servers.

If the domain is active when you change the boot-policy
value, you must reboot the domain to make the change take
effect.

o mac-addr=MAC-address is the MAC address for this domain. The
number must be in standard octet notation, for example,
80:00:33:55:22:66.

You can allocate the following types of MAC addresses:

o hostid specifies the host ID for a particular domain. If you
do not specify a host ID, the Logical Domains Manager
assigns a unique host ID to each domain.

o ignore ignores failures of the master domain (slave
domains are unaffected).

o panic panics any slave domains when the master domain
fails.

o reset stops and restarts any slave domains when the mas-
ter domain fails.

o stop stops any slave domains when the master domain
fails.

o extended-mapin-space enables or disables the extended mapin
space for the specified domain. By default, the extended-
mapin-space=on, which is equivalent to setting extended-
mapin-space=.

Note -

The Logical Domains Manager does not permit you to create domain
relationships that result in a dependency cycle.

o perf-counters=counter-set specifies the types of access to
grant to the performance counter. You can specify the fol-
lowing values for the perf-counters property:

strand Grants the domain access to the strand perfor-
mance counters that exist on the CPUs that are
allocated to the domain. You cannot specify this
value and the htstrand value together.

To disable all access to any of the performance counters, specify
perf-counters=.

o shutdown-group=num specifies the shutdown group number for a
domain. This value is used by the SP on a Fujitsu M10 server
and a Fujitsu SPARC M12 server when an ordered shutdown is
performed.

Valid values are from 1 to 15. The control domain's shutdown
group number is zero (0) and cannot be changed. The default
value for any other domain is 15.

For the new shutdown-group property values to take effect,
you must use the ldm add-spconfig command to save the con-
figuration to the SP.

This property pertains only to the Fujitsu M10 platform and
the Fujitsu SPARC M12 platform.

o domain-name specifies the name of the logical domain for
which you want to set options.

Remove Domains
The remove-domain subcommand removes one or more logical domains.

Syntax:

ldm remove-domain -a

ldm remove-domain domain-name...

where:

o -a deletes all logical domains except the control domain.

o domain-name specifies the logical domain to be deleted.

In the event that the domain to be destroyed is specified as
a master domain, references to this domain are removed from
all slave domains.

Migrate Logical Domains
The migrate-domain subcommand migrates a domain from one location to
another.

Syntax:

ldm migrate-domain [-f] [-n] [-p filename] [-s [spconfig-name]]
[mblockmap=phys-addr:phys-addr[,phys-addr:phys-addr,...]] [cidmap=core-ID:core-ID[,core-ID:core-ID,...]]
source-ldom [user@]target-host[:target-ldom]

ldm migrate-domain -c
[-f] [-n] [-s [spconfig-name]]
[mblockmap=phys-addr:phys-addr[,phys-addr:phys-addr,...]] [cidmap=core-ID:core-ID[,core-ID:core-ID,...]]
source-ldom target-host[:target-ldom]

where:

o -f attempts to force the migration of the domain.

o -n performs a dry run on the migration to determine whether
it will succeed. It does not actually migrate the domain.

o -p filename reads the password needed on the target machine
from the first line of filename. This option enables you to
perform non-interactive migrations that do not require you
to provide the target machine password at a prompt.

If you plan to store passwords in this manner, ensure that
the file permissions are set so that only the root owner or
a privileged user can read or write the file (400 or 600).

The -p option is deprecated in favor of the -c option.

This option cannot be used with the -c option.

o -c uses SSL trusted certificates to perform a domain migra-
tion. This option cannot be used with the -p filename
option. You cannot specify a user name if you use the -c
option.

To use this option, you must first ensure that certificates
are installed and configured on the source and target
machines. When the -c option is specified, the source
machine does not prompt for a password. The migration
request is rejected if the target certificate cannot be ver-
ified.

When the SSL trusted certificates are accessed successfully,
they are cached for the lifetime of the ldmd instance. When
changing or removing the certificates, you must restart the
ldmd daemon to make the changes take effect.

o -s spconfig-name specifies that you save a new SP configu-
ration on the source machine and target machine following a
migration. If you specify this option, it overrides the
value of the migration_save_spconfig SMF property value.

Using the -s option with no argument uses the default
reserved name to save the configuration on both the source
machine and the target machine.

If you specify the -s option with spconfig-name, a new user
SP configuration is created on both the source machine and
the target machine with the specified name.

If the spconfig-name argument matches the name of an exist-
ing SP configuration on either the source machine or the
target machine, the ldm migrate-domain command rejects the
migration request.

If the target machine runs an older version of the Logical
Domains Manager, and you specify the -s option, the ldm
migrate-domain rejects the migration request.

o mblockmap=phys-addr:phys-addr specifies a mapping of how
named memory block resources should be bound on the target
machine. You must specify a complete mapping for every mem-
ory block in the source domain. This property is valid only
for domains that are configured with named memory resources.

The mblockmap property value is a list of comma-separated
physical-address pairs. Each value is separated by the colon
character. The first value denotes one of the guest domain's
memory blocks on the source machine. The second value
denotes the physical address on the target machine to which
the memory block should be migrated. If a target physical
range is specified more than once, or is already bound to a
domain, the migration request is rejected.

Cross-CPU migrations are blocked if your domain uses named
memory resources.

If you do not use named memory resources, specifying the
mblockmap property causes the ldm migrate-domain command to
issue an error.

If you migrate a domain that uses named memory blocks and
the mblockmap property is not specified, the physical
address on the source machine is implicitly mapped to the
same physical address on the target machine.

o cidmap=core-ID:core-ID specifies a mapping of how named core
resources on the source machine should be bound on the tar-
get machine. You must specify a complete mapping for every
core in the source domain. This property is valid only for
domains that are configured with named core resources.

The cidmap property value is a comma-separated list of core
ID pairs. Each core ID pair is separated by the colon char-
acter. The first core-ID value denotes one of the guest
domain's cores on the source machine. The second core-ID
value denotes the target machine core to which the strands
from the source machine core should be migrated. If a target
core is specified more than once, or is already bound to a
domain, the migration request is rejected.

Cross-CPU migrations are blocked if your domain uses named
core resources.

If you do not use named core resources, specifying the
cidmap property causes the ldm migrate-domain command to
issue an error.

If you migrate a domain that uses named cores and the cidmap
property is not specified, the core ID on the source machine
is implicitly mapped to the same core ID on the target
machine.

o source-ldom is the logical domain that you want to migrate.

o user is the user name that is authorized to run the Logical
Domains Manager on the target host. If no user name is spec-
ified, the name of the user running the command is used by
default.

o target-host is the host where you want to place the target-
ldom.

o target-ldom is the logical domain name to be used on the
target machine. The default is to keep the domain name used
on the source domain (source-ldom).

Reconfiguration Operations
Logical Domains supports the following types of reconfiguration opera-
tions:

o Dynamic reconfiguration operations. Dynamic reconfiguration
is the ability to add, set, or remove resources to or from
an active domain. The ability to perform dynamic reconfigu-
ration of a particular resource type is dependent on having
support in the particular version of the OS running in the
logical domain. If a dynamic reconfiguration cannot be per-
formed on the control domain, initiate a delayed reconfigu-
ration operation. Sometimes, the delayed reconfiguration is
automatically initiated.

o Delayed reconfiguration operations. In contrast to dynamic
reconfiguration operations that take place immediately,
delayed reconfiguration operations take effect after the
next reboot of the OS or stop and start of the logical
domain if no OS is running. You manually enter delayed
reconfiguration mode on the root domain by running the ldm
start-reconf primary command. When you initiate a delayed
reconfiguration on a non-primary root domain, you can only
perform a limited set of I/O operations (add-io, set-io,
remove-io, create-vf, and destroy-vf). Other domains must be
stopped prior to modifying resources that cannot be dynami-
cally configured.

See Resource Reconfiguration in Oracle VM Server for SPARC 3.6 Adminis-
tration Guide for more information about dynamic reconfiguration and
delayed reconfiguration.

CPU Operations
You can allocate either CPU threads or CPU cores to a domain. To allo-
cate CPU threads, use the add-vcpu, set-vcpu, and remove-vcpu subcom-
mands. To allocate CPU cores, use the add-core, set-core, and remove-
core subcommands.

Add CPU Threads
The add-vcpu subcommand adds the specified number of CPU threads or CPU
cores to a logical domain. Note that a domain cannot be configured
simultaneously with CPU cores and CPU threads. CPU core configurations
and CPU thread configurations are mutually exclusive.

Syntax:

ldm add-vcpu CPU-count domain-name

where:

o CPU-count is the number of CPU threads to be added to the
logical domain.

o domain-name specifies the logical domain where the CPU
threads are to be added.

Set CPU Threads
The set-vcpu subcommand specifies the number of CPU threads or CPU
cores to be set in a logical domain. Note that a domain cannot be con-
figured simultaneously with CPU cores and CPU threads. CPU core config-
urations and CPU thread configurations are mutually exclusive.

Syntax:

ldm set-vcpu CPU-count domain-name

where:

o CPU-count is the number of CPU threads to be added to the
logical domain.

o domain-name is the logical domain where the number of CPU
threads are to be set.

Remove CPU Threads
The remove-vcpu subcommand removes the specified number of CPU threads
or CPU cores from a logical domain. Note that a domain cannot be con-
figured simultaneously with CPU cores and CPU threads. CPU core config-
urations and CPU thread configurations are mutually exclusive.

Syntax:

ldm remove-vcpu [-f] CPU-count domain-name

where:

o -f attempts to force the removal of one or more virtual CPU
threads from an active domain.

o CPU-count is the number of CPU threads to be added to the
logical domain.

o domain-name specifies the logical domain where the CPU
threads are to be removed.

Add CPU Cores
The add-core subcommand adds the specified number of CPU cores to a
domain. When you specify the number of CPU cores, the cores to be
assigned are automatically selected. However, when you specify a core-
ID value to the cid property, the specified cores are explicitly
assigned.

The cid property should only be used by an administrator who is knowl-
edgeable about the topology of the system to be configured. This
advanced configuration feature enforces specific allocation rules and
might affect the overall performance of the system.

Note -

The ldm add-core command fails with the following error message if
the domain does not have the whole-core constraint applied:

Must use set-core to enable the whole-core constraint

Note that you cannot use the ldm add-core command to add named core
resources to a domain that already uses automatically assigned (anony-
mous) core resources.

Syntax:

ldm add-core num domain-name

ldm add-core cid=core-ID[,core-ID[,...]] domain-name

where:

o num specifies the number of CPU cores to assign to a domain.

o cid=core-ID[,...] specifies one or more physical CPU cores
to assign to a domain.

o domain-name specifies the domain to which the CPU cores are
assigned.

Set CPU Cores
The set-core subcommand specifies the number of CPU cores to assign to
a domain. When you specify the number of CPU cores, the cores to be
assigned are automatically selected. However, when you specify a core-
ID value to the cid property, the specified cores are explicitly
assigned.

Syntax:

ldm set-core num domain-name

ldm set-core cid=[core-ID[,core-ID[,...]]] domain-name

where:

o num specifies the number of CPU cores to assign to a domain.

o cid=core-ID[,...] specifies one or more physical CPU cores
to assign to a domain. cid= removes all named CPU cores.

o domain-name specifies the domain to which the CPU cores are
assigned.

Remove CPU Cores
The remove-core subcommand specifies the number of CPU cores to remove
from a domain. When you specify the number of CPU cores, the cores to
be removed are automatically selected. However, when you specify a
core-ID value to the cid property, the specified cores are explicitly
removed.

When you specify a resource group by using the -g option, the cores
that are selected for removal all come from that resource group.

Syntax:

ldm remove-core [-f] num domain-name

ldm remove-core cid=[core-ID[,core-ID[,...]]] domain-name

ldm remove-core -g resource-group [-n number-of-cores] domain-name

where:

o -f attempts to force the removal of one or more cores from
an active domain.

o -g resource-group specifies that the operation is performed
on the resources in the specified resource group.

o -n number-of-cores specifies the number of cores to remove.
If this option is not specified, all cores are removed from
the specified resource group that belongs to the specified
domain. This option can be used only when the -g option is
specified.

o num specifies the number of CPU cores to remove from a
domain.

o cid=core-ID[,...] specifies one or more physical CPU cores
to remove from a domain.

o domain-name specifies the domain from which the CPU cores
are removed.

Memory Operations
Add Memory
The add-memory subcommand adds the specified amount of memory to a
domain. When you specify a memory block size, the memory block to be
assigned is automatically selected. However, when you specify a PA-
start:size value to the mblock property, the specified memory blocks
are explicitly assigned.

The mblock property should only be used by an administrator who is
knowledgeable about the topology of the system to be configured. This
advanced configuration feature enforces specific allocation rules and
might affect the overall performance of the system.

Syntax:

ldm add-memory [--auto-adj] size[unit] domain-name

ldm add-memory mblock=PA-start:size[,PA-start:size[,...]] domain-name

where:

o --auto-adj specifies that the amount of memory to be added
to an active domain is automatically 256Mbyte-aligned, which
might increase the requested memory size. If the domain is
inactive, bound, or in a delayed reconfiguration, this
option automatically aligns the resulting size of the domain
by rounding up to the next 256-Mbyte boundary.

o size is the size of memory in bytes to be set in the logical
domain.

If you want a different unit of measurement, specify unit as
one of the following values using either uppercase or lower-
case:

o G for gigabytes

o K for kilobytes

o M for megabytes

o mblock=PA-start:size specifies one or more physical memory
blocks to assign to a domain. PA-start specifies the start-
ing physical address of the memory block in hexadecimal for-
mat. size is the size of the memory block, including a unit,
to be assigned to the domain. Note that you cannot use this
property to specify the physical addresses of DIMMs.

o domain-name specifies the logical domain where the memory is
to be added.

Set Memory
The set-memory subcommand sets a specific amount of memory in a domain.
Depending on the amount of memory specified, this subcommand is treated
as an add-memory or remove-memory operation.

When you specify a memory block size, the memory block to be assigned
is automatically selected. However, when you specify a PA-start:size
value to the mblock property, the specified memory blocks are explic-
itly assigned.

Syntax:

ldm set-memory [--auto-adj] size[unit] domain-name

ldm set-memory mblock=PA-start:size[,PA-start:size[,...]] domain-name

where:

o --auto-adj specifies that the amount of memory to be added
to or removed from an active domain is automatically
256Mbyte-aligned, which might increase the requested memory
size. If the domain is inactive, bound, or in a delayed
reconfiguration, this option automatically aligns the
resulting size of the domain by rounding up to the next
256-Mbyte boundary.

o size is the size of memory in bytes to be set in the logical
domain.

If you want a different unit of measurement, specify unit as
one of the following values using either uppercase or lower-
case:

o G for gigabytes

o K for kilobytes

o M for megabytes

o domain-name specifies the logical domain where the memory is
to be modified.

Remove Memory
The remove-memory subcommand removes the specified amount of memory
from a logical domain. When you specify a memory block size, the memory
block to be removed is automatically selected. However, when you spec-
ify a PA-start:size value to the mblock property, the specified memory
blocks are explicitly removed.

When you specify a resource group by using the -g option, the memory
that is selected for removal all comes from that resource group.

Syntax:

ldm remove-memory [--auto-adj] size[unit] domain-name

ldm remove-memory mblock=PA-start:size[,PA-start:size[,...]] domain-name

ldm remove-memory -g resource-group [-s size[unit]] domain-name

where:

o --auto-adj specifies that the amount of memory to be removed
from an active domain is automatically 256Mbyte-aligned,
which might increase the requested memory size. If the
domain is inactive, bound, or in a delayed reconfiguration,
this option automatically aligns the resulting size of the
domain by rounding up to the next 256-Mbyte boundary.

o size is the size of memory in bytes to be set in the logical
domain.

If you want a different unit of measurement, specify unit as
one of the following values using either uppercase or lower-
case:

o G for gigabytes

o K for kilobytes

o M for megabytes

o mblock=PA-start:size specifies one or more physical memory
blocks to remove from a domain. PA-start specifies the
starting physical address of the memory block in hexadecimal
format. size is the size of the memory block, including a
unit, to be removed from the domain. Note that you cannot
use this property to specify the physical addresses of
DIMMs.

o -g resource-group specifies that the operation is performed
on the resources in the specified resource group.

o -s size[unit] specifies the amount of memory to remove. If
this option is not specified, the command attempts to remove
all memory from the specified resource group that is bound
to the specified domain. This option can be used only when
the -g option is specified.

o domain-name specifies the logical domain where the memory is
to be removed.

Enter Delayed Reconfiguration Mode
The start-reconf subcommand enables the domain to enter delayed recon-
figuration mode. Only root domains support delayed reconfiguration.

Note -

When a non-primary root domain is in a delayed reconfiguration, you
can perform only the add-io, set-io, remove-io, create-vf, and
destroy-vf operations.

Syntax:

ldm start-reconf domain-name

Cancel a Delayed Reconfiguration Operation
The cancel-reconf subcommand cancels a delayed reconfiguration. Only
root domains support delayed reconfiguration.

Syntax:

ldm cancel-reconf domain-name

Cancel Operations
The cancel-operation subcommand cancels a delayed reconfiguration
(reconf), memory dynamic reconfiguration removal (memdr), or domain
migration (migration) for a logical domain. Only root domains support
the reconf operation.

Syntax:

ldm cancel-operation migration domain-name

ldm cancel-operation reconf domain-name

ldm cancel-operation memdr domain-name

Input/Output Devices
Add Input/Output Device
The add-io subcommand attempts to dynamically add a PCIe bus, device,
or virtual function to the specified logical domain. If the domain does
not support dynamic configuration, the command fails, and you must ini-
tiate a delayed reconfiguration or stop the domain before you can add
the device.

If you add a root complex to the root domain when iov=off, you cannot
successfully use the create-vf, destroy-vf, add-io, or remove-io sub-
command to assign direct I/O and SR-IOV devices.

Syntax:

ldm add-io [iov=on|off] bus domain-name

ldm add-io (device | vf-name) domain-name

where:

o iov=on|off enables or disables I/O virtualization (direct
I/O and SR-IOV) operations on the specified PCIe bus (root
complex). When enabled, I/O virtualization is supported for
devices in that bus. The ldm add-io command rebinds the
specified PCIe bus to the root domain. The default value is
off.

Note that this command fails if the PCIe bus that you want
to add is already bound to a domain.

o bus, device, and vf-name are a PCIe bus, a direct I/O-as-
signable device, and a PCIe SR-IOV virtual function, respec-
tively. Although the operand can be specified as a device
path or as a pseudonym, using the device pseudonym is recom-
mended. The pseudonym is based on the ASCII label that is
printed on the chassis to identify the corresponding I/O
card slot and is platform specific.

The following are examples of the pseudonyms that are associated
with the device names:

o PCIe bus. The pci_0 pseudonym matches the pci@400 device
path.

o Direct I/O-assignable device. The /SYS/MB/PCIE1 pseudo-
nym matches the pci@400/pci@0/pci@c device path.

o PCIe SR-IOV virtual function. The
/SYS/MB/NET0/IOVNET.PF0.VF0 pseudonym matches the
pci@400/pci@2/pci@0/pci@6/network@0 device path.

o domain-name specifies the logical domain where the bus or
device is to be added.

Set a Property for a Virtual Function
The set-io subcommand modifies the current configuration of a virtual
function by changing the property values or by passing new properties.
This command can modify both the class-specific properties and the
device-specific properties.

You can change most network class-specific properties without requiring
a reboot of the root domain. However, to change the mtu and mac-
addresses properties of a virtual function that is bound to a domain,
you must first stop the domain or initiate a delayed reconfiguration on
the root domain.

o All device-specific properties initiate a delayed reconfigu-
ration so that those properties can be updated during the
attach operation of the physical function device driver. As
a result, the root domain must be rebooted.

o This command only succeeds when the physical function driver
can successfully validate the resulting configuration.

Fibre Channel virtual functions are permitted to have the following
types of WWNs:

o Auto-allocated WWNs: Use values in the range of
00:14:4F:F8:00:00-00:14:4F:FB:FF:FF. The prefix for a port-
wwn is 10:00:00:14:4F:FC:00:01. The prefix for a node-wwn is
20:00:00:14:4F:FC:00:01.

When auto-allocated WWNs are used, collision detection is
enabled and the information is not saved in the constraints
database or in XML, so no recovery is possible.

o User-allocated WWNs: Uses user-allocated port-wwn and node-
wwn values. These values must not fall in the auto-allocated
WWN range.

When user-allocated WWNs are used, no collision detection is
performed, but the value is saved for recovery.

Syntax:

ldm set-io property-name=value [property-name=value...] pf-name

ldm set-io [property-name=value...] [name=user-assigned-name] vf-name

ldm set-io iov=on|off bus

ldm set-io [mac-addr=MAC-address] [alt-mac-addrs=[auto|MAC-address,[auto|MAC-address,...]]]
[pvid=[pvid]] [vid=[vid1,vid2,...]] [mtu=size] [property-name=value...] net-vf-name

ldm set-io property-name=[value...] ib-pf-name

ldm set-io [bw-percent=[value]] [port-wwn=value node-wwn=value] fc-vf-name

where:

o name=user-assigned-name specifies a name that you assign to
the virtual function.

o property-name=value enables you to set a class-specific or
device-specific property for the target device. property-
name is the name of the class-specific or device-specific
property.

o mac-addr=MAC-address is the MAC address for this device. The
number must be in standard octet notation, for example,
80:00:33:55:22:66.

You can allocate the following types of MAC addresses:

o alt-mac-addrs=auto|MAC-address,[auto|MAC-address,...] is a
comma-separated list of alternate MAC addresses. Valid val-
ues are numeric MAC addresses and the auto keyword, which
can be used one or more times to request that the system
generate an alternate MAC address. The auto keyword can be
mixed with numeric MAC addresses. The numeric MAC address
must be in standard octet notation, for example,
80:00:33:55:22:66.

You cannot change this property value on a virtual network
device in a bound domain. You must first stop the domain or
initiate a delayed reconfiguration on the root domain.

You can assign one or more alternate MAC addresses to create
one or more virtual NIC (VNICs) on this device. Each VNIC
uses one alternate MAC address, so the number of MAC
addresses assigned determines the number of VNICs that can
be created on this device. If no alternate MAC addresses are
specified, attempts to create VNICs on this device fail. For
more information, see the Oracle Solaris 11 networking docu-
mentation and Chapter 13, Using Virtual Networks in Oracle
VM Server for SPARC 3.6 Administration Guide.

To modify the iov property value, the root complex must be
bound to the domain and the domain must be in a delayed
reconfiguration.

o bw-percent=[value] specifies the percentage of the bandwidth
to be allocated to the Fibre Channel virtual function. Valid
values are from 0 to 100. The total bandwidth value assigned
to a Fibre Channel physical function's virtual functions
cannot exceed 100. The default value is 0 so that the vir-
tual function gets a fair share of the bandwidth that is not
already reserved by other virtual functions that share the
same physical function.

o node-wwn=value specifies the node world-wide name for the
Fibre Channel virtual function. Valid values are non-zero.
By default, this value is allocated automatically. If you
manually specify this value, you must also specify a value
for the port-wwn property.

The IEEE format is a two-byte header followed by an embedded
MAC-48 or EUI-48 address that contains the OUI. The first
two bytes are either hexadecimal 10:00 or 2x:xx where x is
vendor-specified) followed by the three-byte OUI and three-
byte vendor-specified serial number.

o port-wwn=value specifies the port world-wide name for the
Fibre Channel virtual function. Valid values are non-zero.
By default, this value is allocated automatically. If you
manually specify this value, you must also specify a value
for the node-wwn property.

o pf-name is the name of the physical function.

o bus is the name of the PCIe bus.

o net-vf-name is the name of the network virtual function.

o ib-pf-name is the name of the InfiniBand physical function.

o fc-vf-name is the name of the Fibre Channel virtual func-
tion.

Set a Property for a Physical Function
The set-io subcommand modifies the physical function configuration.
Only the physical function device-specific properties are supported.
Any change to the properties causes a delayed reconfiguration because
the properties are applied during the attach operation of the physical
function device driver.

The property values must be an integer or a string. Run the ldm list-io
-d command to determine the property value type and whether a particu-
lar property can be set.

Note that the ldm set-io command succeeds only when the physical func-
tion driver successfully validates the resulting configuration.

Syntax:

ldm set-io property-name=value [property-name=value...] pf-name

where:

o property-name=value enables you to set a class-specific or
device-specific property for the target device. property-
name is the name of the class-specific or device-specific
property.

o pf-name is the name of the physical function.

Remove Input/Output Device
The remove-io subcommand removes a PCIe bus, device, or virtual func-
tion from a specified domain.

Syntax:

ldm remove-io [-n] (bus | device | vf-name) domain-name

where:

o -n performs a dry run of the command to determine whether it
will succeed. It does not actually remove the I/O device.

The following are examples of the pseudonyms that are associated
with the device names:

o PCIe bus. The pci_0 pseudonym matches the pci@400 device
path.

o Direct I/O-assignable device. The /SYS/MB/PCIE1 pseudo-
nym matches the pci@400/pci@0/pci@c device path.

o PCIe SR-IOV virtual function. The
/SYS/MB/NET0/IOVNET.PF0.VF0 pseudonym matches the
pci@400/pci@2/pci@0/pci@6/network@0 device path.

The specified guest domain must be in the inactive or bound state.
If you specify the primary domain, this command initiates a delayed
reconfiguration.

o domain-name specifies the logical domain where the bus or
device is to be removed.

Virtual Network Server
Add a Virtual Switch
The add-vsw subcommand adds a virtual switch to a specified logical
domain.

Syntax:

ldm add-vsw [-q] [default-vlan-id=VLAN-ID] [pvid=port-VLAN-ID] [vid=VLAN-ID1,VLAN-ID2,...]
[linkprop=phys-state] [mac-addr=MAC-address] [net-dev=device] [mode=sc] [mtu=size]
[id=switch-ID] [inter-vnet-link=auto|on|off]] [vsw-relay-mode=local|remote] vswitch-name domain-name

where:

o -q disables the validation of the path to the network device
that is specified by the net-dev property. This option
enables the command to run more quickly, especially if the
logical domain is not fully configured.

o default-vlan-id=VLAN-ID specifies the default VLAN to which
a virtual switch and its associated virtual network devices
belong to implicitly, in untagged mode. It serves as the
default port VLAN ID (pvid) of the virtual switch and vir-
tual network devices. Without this option, the default value
of this property is 1. Normally, you would not need to use
this option. It is provided only as a way to change the
default value of 1.

o pvid=port-VLAN-ID specifies the VLAN to which the virtual
switch device needs to be a member, in untagged mode. This
property also applies to the set-vsw subcommand. See Using
VLAN Tagging in Oracle VM Server for SPARC 3.6 Administra-
tion Guide.

o linkprop=phys-state specifies whether the virtual device
reports its link status (status, speed, and duplex) based on
the underlying physical network device. When linkprop=phys-
state is specified on the command line, the virtual device
link properties reflect physical link properties. By
default, the value is phys-state, which takes effect only if
the underlying physical device reports its link status.

o vid=VLAN-ID specifies one or more VLANs to which a virtual
network device or virtual switch needs to be a member, in
tagged mode. This property also applies to the set-vsw sub-
command. See Using VLAN Tagging in Oracle VM Server for
SPARC 3.6 Administration Guide for more information.

o mac-addr=MAC-address is the MAC address to be used by this
switch. The number must be in standard octet notation, for
example, 80:00:33:55:22:66. If you do not specify a MAC
address, the switch is automatically assigned an address
from the range of auto-allocated MAC addresses managed by
the Logical Domains Manager.

You can allocate the following types of MAC addresses:

o net-dev=device is the path to the network device or aggrega-
tion over which this switch operates. The system validates
that the path references an actual network device unless the
-q option is specified.

When setting this property on a path that includes VLANs, do
not use the path name that has any VLAN tags.

o mode=sc enables virtual networking support for prioritized
processing of Oracle Solaris Cluster heartbeat packets in a
logical domains environment. Applications like Oracle
Solaris Cluster need to ensure that high priority heartbeat
packets are not dropped by congested virtual network and
switch devices. This option prioritizes Oracle Solaris Clus-
ter heartbeat frames and ensures that they are transferred
in a reliable manner.

You must set this option when running Oracle Solaris Cluster
in a logical domains environment and using guest domains as
Oracle Solaris Cluster nodes. Do not set this option when
you are not running Oracle Solaris Cluster software in guest
domains because you could impact virtual network perfor-
mance.

o mtu=size specifies the maximum transmission unit (MTU) of a
virtual switch device. Valid values are up to 16000 bytes.
Ensure that the specified MTU value is within the range sup-
ported by the backend device.

o id=switch-ID is the ID of a new virtual switch device. By
default, ID values are generated automatically, so set this
property if you need to match an existing device name in the
OS.

o inter-vnet-link=auto|on|off specifies whether to assign a
channel between each pair of virtual network devices that
are connected to the same virtual switch. This behavior
improves guest-to-guest performance.

When the value is on, inter-vnet LDC channels are assigned.
When the value is off, no inter-vnet LDC channels are
assigned. When the value is auto, inter-vnet LDC channels
are assigned unless the number of virtual networks in a vir-
tual switch has grown beyond eight. When the default number
of eight virtual networks are exceeded, the inter-vnet LDC
channels are disabled. You can change the default number of
virtual networks by modifying the
ldmd/auto_inter_vnet_link_limit SMF property value. The
default value is auto.

o vsw-relay-mode=local|remote specifies how to exchange the
network traffic between domains. This property value aids in
enforcing network policies feature such as access control
lists and packet monitoring that you can configure on the
external switch. The switch must support this capability and
must be manually set.

The value is one of the following:

o local - enables the network traffic between domains on
the same physical NIC to be exchanged internally. This
is the default mode.

o remote - enables the network traffic between domains on
the same physical NIC to be exchanged through the exter-
nal switch. You must manually disable the inter-vnet-
link property for all the virtual networks that are con-
nected on this switch. If you reset the value of the
vsw-relay-mode property to local, you should re-enable
the inter-vnet-link property or set the value to auto.

You can specify vsw-relay-mode=remote only on a physical
network device. Other devices such as a virtual NIC, an
IOV-enabled SR-IOV device, an aggregation, InfiniBand
ports, and IPMP are not supported.

o vswitch-name is the unique name of the switch that is to be
exported as a service. Clients (network) can attach to this
service.

o domain-name specifies the logical domain in which to add a
virtual switch.

Set Options for a Virtual Switch
The set-vsw subcommand modifies the properties of a virtual switch that
has already been added.

Syntax:

ldm set-vsw [-q] [pvid=[port-VLAN-ID]] [vid=[[+|-]VLAN-ID1,VLAN-ID2,...]] [mac-addr=MAC-address]
[net-dev=[device]] [linkprop=[phys-state]] [mode=[sc]] [mtu=[size]]
[inter-vnet-link=auto|on|off] [vsw-relay-mode=local|remote] vswitch-name

where:

o pvid=port-VLAN-ID specifies the VLAN to which the virtual
switch device needs to be a member, in untagged mode. See
Using VLAN Tagging in Oracle VM Server for SPARC 3.6 Admin-
istration Guide.

o [vid=[[+|-]VLAN-ID1,VLAN-ID2,...]] specifies one or more
VLANs to which a virtual network device or virtual switch
needs to be a member, in tagged mode. Use the optional +
character to add one or more VLAN IDs to the list. Use the
optional - character to remove one or more VLAN IDs from the
list. See Using VLAN Tagging in Oracle VM Server for SPARC
3.6 Administration Guide.

o mac-addr=MAC-address is the MAC address used by the switch.
The number must be in standard octet notation, for example,
80:00:33:55:22:66.

You can allocate the following types of MAC addresses:

When setting this property on a path that includes VLANs, do
not use the path name that has any VLAN tags.

Note that using the ldm set-vsw command to specify or update
the net-dev property value causes the primary domain to
enter a delayed reconfiguration.

mode= (left blank) stops special processing of heartbeat
packets.

When the value is on, inter-vnet LDC channels are assigned.
When the value is off, no inter-vnet LDC channels are
assigned. When the value is auto, inter-vnet LDC channels
are assigned unless the number of virtual networks in a vir-
tual switch has grown beyond eight. When eight virtual net-
works are exceeded, the inter-vnet LDC channels are dis-
abled. The default value is auto.

The value is one of the following:

o local - enables the network traffic between domains on
the same physical NIC to be exchanged internally. This
is the default mode.

o vswitch-name is the unique name of the switch that is to
exported as a service. Clients (network) can be attached to
this service.

Remove a Virtual Switch
The remove-vsw subcommand removes a virtual switch.

Syntax:

ldm remove-vsw [-f] vswitch-name

where:

o -f attempts to force the removal of a virtual switch. The
removal might fail.

o vswitch-name is the name of the switch that is to be removed
as a service.

Virtual Network - Client
Add a Virtual Network Device
The add-vnet subcommand adds a virtual network device to the specified
logical domain.

Note -

The ldm add-vnet command fails if the number of virtual networks in
the domain exceeds the 999 limit.

Syntax:

ldm add-vnet [mac-addr=MAC-address] [pvid=port-VLAN-ID] [pvlan=secondary-vid,pvlan-type]
[protection=protection-type[,protection-type],...] [auto-alt-mac-addrs=num]
[custom=enable|disable] [custom/max-vlans=num] [custom/max-mac-addrs=num]
[allowed-ips=IP-address[,IP-address]...] [priority=high|medium|low] [cos=0-7]
[allowed-dhcp-cids=[MAC-address|hostname,MAC-address|hostname,...]]
[alt-mac-addrs=auto|MAC-address[,auto|MAC-address,...]] [vid=VLAN-ID1,VLAN-ID2,...]
[linkprop=phys-state] [id=network-ID] [mtu=size] [maxbw=value] if-name vswitch-name
domain-name

where:

o custom=[enable|disable] enables or disables custom settings
for the maximum number of VLANs and MAC addresses that can
be assigned to a virtual network device from a trusted host.
When custom=enabled, you cannot specify alternate MAC
addresses by using the alt-mac-addrs property or VIDs by
using the vid property. You cannot set custom=enable if
either VLAN IDs or alternate MAC addresses are configured.
So, to enable custom settings, clear the alt-mac-addrs and
vid property values first. PVLANs cannot be enabled simulta-
neously. Valid values are enable and disable. The default
value is disable.

Note that you can set custom=enable dynamically, but you
must stop the domain to set custom=disable.

o custom/max-vlans=num specifies the maximum number of VLANs
that can be assigned to a virtual network device from a
trusted host. The default value is 4096.

Note that you cannot reduce the value of the custom/max-
vlans property dynamically.

o custom/max-mac-addrs=num specifies the maximum number of MAC
addresses that can be assigned to a virtual network device
from a trusted host. The default value is 4096.

o mac-addr=MAC-address is the MAC address for this network
device. The number must be in standard octet notation, for
example, 80:00:33:55:22:66.

You can allocate the following types of MAC addresses:

o auto-alt-mac-addrs=num specifies the number of automatic
alternate MAC addresses to be configured for a virtual net-
work.

o pvid=port-VLAN-ID specifies the VLAN to which the virtual
network device needs to be a member, in untagged mode. See
Using VLAN Tagging in Oracle VM Server for SPARC 3.6 Admin-
istration Guide.

o pvlan=secondary-vid,pvlan-type configures a private VLAN
(PVLAN). A primary VLAN forwards traffic downstream to its
secondary VLANs, which can be either isolated or community.
You must also specify the pvid property. The pvlan property
specifies a PVLAN's secondary-vid, which is a value from
1-4094, and a pvlan-type, which is one of the following val-
ues:

o isolated - The ports that are associated with an iso-
lated PVLAN are isolated from all of the peer virtual
networks and Oracle Solaris virtual NICs on the back-end
network device. The packets reach only the external net-
work based on the values you specified for the PVLAN.

o community - The ports that are associated with a commu-
nity PVLAN can communicate with other ports that are in
the same community PVLAN but are isolated from all other
ports. The packets reach the external network based on
the values you specified for the PVLAN.

o [vid=[VLAN-ID1,VLAN-ID2,...]] specifies one or more VLANs to
which a virtual network device needs to be a member, in
tagged mode. See Using VLAN Tagging in Oracle VM Server for
SPARC 3.6 Administration Guide.

o mtu=size specifies the maximum transmission unit (MTU) of a
virtual network device. Valid values are up to 16000 bytes.
Ensure that the specified MTU value is within the range sup-
ported by the backend device.

o linkprop=phys-state specifies whether the virtual network
device reports its link status (status, speed, and duplex)
based on the underlying physical network device. When
linkprop=phys-state is specified on the command line, the
virtual network device link properties reflect physical link
properties. By default, the value is phys-state, which takes
effect only if the underlying physical device reports its
link status.

o maxbw=value specifies the maximum bandwidth limit for the
specified port in megabits per second. This limit ensures
that the bandwidth from the external network (specifically
the traffic that is directed through the virtual switch)
does not exceed the specified value. This bandwidth limit
does not apply to the traffic on the inter-vnet links. You
can set the bandwidth limit to any high value. The value is
ignored when it is higher than the bandwidth supported by
the network back-end device.

o id=network-ID is the ID of a new virtual network device. By
default, ID values are generated automatically, so set this
property if you need to match an existing device name in the
OS.

o allowed-dhcp-cids=MAC-address|hostname,MAC-address|host-
name,...

o allowed-ips=IP-address[,IP-address,...]

Specifies a comma-separated list of IP addresses. For more
information, see ip_nospoof.

o cos=0-7

Specifies the class of service (802.1p) priority that is
associated with outbound packets on the link. When this
property is set, all outbound packets on the link have a
VLAN tag with its priority field set to this property value.
Valid values are 0-7, where 7 is the highest class of ser-
vice and 0 is the lowest class of service. The default value
is 0.

o priority=value

Specifies the relative priority of the link, which is used
for packet processing scheduling within the system. Valid
values are high, medium, and low. The default value is
medium.

o protection=protection-type[,protection-type]...]

Specifies the types of protection (protection-type) in the
form of a bit-wise OR of the protection types. By default,
no protection types are used. The following values are sepa-
rated by commas:

o mac_nospoof enables MAC address anti-spoofing. An out-
bound packet's source MAC address must match the link's
configured MAC address. Non-matching packets are
dropped. This value includes datalink MAC configuration
protection.

o ip_nospoof enables IP address anti-spoofing. This pro-
tection type works in conjunction with the allowed-ips
link property, which specifies one or more IP addresses
(IPv4 or IPv6). An outbound IP packet can pass if its
source address is specified in the allowed-ips list. An
outbound ARP packet can pass if its sender protocol
address is in the allowed-ips list. This value includes
IP address configuration protection.

o dhcp_nospoof enables DHCP client ID (CID) and hardware
address anti-spoofing. By default, this value enables
anti-spoofing for the configured MAC address of the
device port node. If the allowed-dhcp-cids property is
specified, DHCP anti-spoofing is enabled for the DHCP
client IDs for that node.

o restricted enables packet restriction, which restricts
outgoing packet types to only IPv4, IPv6, and ARP pack-
ets.

o if-name is a unique interface name to the logical domain,
which is assigned to this virtual network device instance
for reference on subsequent set-vnet or remove-vnet subcom-
mands.

o vswitch-name is the name of an existing network service
(virtual switch) to which to connect.

o domain-name specifies the logical domain to which to add the
virtual network device.

Set Options for a Virtual Network Device
The set-vnet subcommand sets options for a virtual network device in
the specified logical domain.

Syntax:

ldm set-vnet [mac-addr=MAC-address] [vswitch=vswitch-name] [mode=] [pvid=[port-VLAN-ID]]
[pvlan=[secondary-vid,pvlan-type]] [protection=[[+|-]protection-type[,protection-type],...]]
[allowed-ips=[[+|-]IP-address[,IP-address]...]] [priority=high|medium|low] [cos=0-7]
[allowed-dhcp-cids=[[+|-]MAC-address|hostname,MAC-address|hostname,...]]
[alt-mac-addrs=[[+|-]auto|MAC-address[,auto|MAC-address,...]]] [linkprop=[phys-state]]
[mtu=[size]] [vid=[[+|-]VLAN-ID1,VLAN-ID2,...]] [auto-alt-mac-addrs=[+]num]
[custom=enable|disable] [custom/max-vlans=[num]] [custom/max-mac-addrs=[num]]
[maxbw=[value]] if-name domain-name

where:

Note that you can set custom=enable dynamically, but you
must stop the domain to set custom=disable.

o custom/max-vlans=num specifies the maximum number of VLANs
that can be assigned to a virtual network device from a
trusted host. The default value is 4096.

Note that you cannot reduce the value of the custom/max-
vlans property dynamically.

o custom/max-mac-addrs=num specifies the maximum number of MAC
addresses that can be assigned to a virtual network device
from a trusted host. The default value is 4096.

o mac-addr=MAC-address is the MAC address for this network
device. The number must be in standard octet notation, for
example, 80:00:33:55:22:66.

You can allocate the following types of MAC addresses:

o auto-alt-mac-addrs=[+]num specifies the number of automatic
alternate MAC addresses to be configured for a virtual net-
work. Use the optional + character to add one or more to the
maximum number of alternate MAC addresses.

o alt-mac-addrs=[[+|-]auto|MAC-address,[auto|MAC-address,...]]
is a comma-separated list of alternate MAC addresses. Valid
values are numeric MAC addresses and the auto keyword, which
can be used one or more times to request that the system
generate an alternate MAC address. The auto keyword can be
mixed with numeric MAC addresses. The numeric MAC address
must be in standard octet notation, for example,
80:00:33:55:22:66.

You can assign one or more alternate MAC addresses to create
one or more virtual NIC (VNICs) on this device. Each VNIC
uses one alternate MAC address, so the number of MAC
addresses assigned determines the number of VNICs that can
be created on this device. If no alternate MAC addresses are
specified, attempts to create VNICs on this device fail. Use
the optional + character to add one or more alternate MAC
addresses to the list. Use the optional - character to
remove one or more alternate MAC addresses from the list.
For more information, see the Oracle Solaris 11 networking
documentation and Chapter 13, Using Virtual Networks in Ora-
cle VM Server for SPARC 3.6 Administration Guide.

o vswitch=vswitch-name is the name of an existing network ser-
vice (virtual switch) to which to connect.

o mode= is a property that is used to enable the deprecated
hybrid mode. You can no longer create a hybrid I/O configu-
ration. You can only clear this property's value.

o pvid=port-VLAN-ID specifies the VLAN to which the virtual
network device needs to be a member, in untagged mode. See
Using VLAN Tagging in Oracle VM Server for SPARC 3.6 Admin-
istration Guide.

o pvlan=secondary-vid,pvlan-type configures a PVLAN. A PVLAN
forwards traffic downstream to its secondary VLANs, which
can be either isolated or community. You must have at least
one pvid specified. The pvlan property specifies a PVLAN's
secondary-vid, which is a value from 1-4094, and a pvlan-
type, which is one of the following values:

o [vid=[[+|-]VLAN-ID1,VLAN-ID2,...]] specifies one or more
VLANs to which a virtual network device needs to be a mem-
ber, in tagged mode. Use the optional + character to add one
or more VLAN IDs to the list. Use the optional - character
to remove one or more VLAN IDs from the list. See Using VLAN
Tagging in Oracle VM Server for SPARC 3.6 Administration
Guide.

o allowed-dhcp-cids=[[+|-]MAC-address|hostname,MAC-
address|hostname,...]

Specifies a comma-separated list of MAC addresses or host
names. hostname can be a host name or a fully qualified host
name with a domain name. This name must begin with an alpha-
betic character. MAC-address is the numeric MAC address in
standard octet notation, for example, 80:00:33:55:22:66. Use
the optional + character to add one or more MAC addresses or
host names to the list. Use the optional - character to
remove one or more MAC addresses or host names from the
list. For more information, see dhcp_nospoof.

o allowed-ips=[[+|-]IP-address[,IP-address,...]]

Specifies a comma-separated list of IP addresses. Use the
optional + character to add one or more IP addresses to the
list. Use the optional - character to remove one or more IP
addresses from the list. For more information, see
ip_nospoof.

o cos=0-7

o priority=value

Specifies the relative priority of the link, which is used
for packet processing scheduling within the system. Valid
values are high, medium, and low. The default value is
medium.

o protection=[[+|-]protection-type[,protection-type]...]

Specifies the types of protection (protection-type) in the
form of a bit-wise OR of the protection types. By default,
no protection types are used. Use the optional + character
to add one or more protection types to the list. Use the
optional - character to remove one or more protection types
from the list. The following values are separated by commas:

o restricted enables packet restriction, which restricts
outgoing packet types to only IPv4, IPv6, and ARP pack-
ets.

o if-name is the unique interface name assigned to the virtual
network device that you want to set.

o domain-name specifies the logical domain in which to modify
the virtual network device.

Remove a Virtual Network Device
The remove-vnet subcommand removes a virtual network device from the
specified logical domain.

Syntax:

ldm remove-vnet [-f] if-name domain-name

where:

o -f attempts to force the removal of a virtual network device
from a logical domain. The removal might fail.

o if-name is the unique interface name assigned to the virtual
network device that you want to remove.

o domain-name specifies the logical domain from which to
remove the virtual network device.

Virtual Disk - Service
Add a Virtual Disk Server
The add-vds subcommand adds a virtual disk server to the specified log-
ical domain.

Syntax:

ldm add-vds service-name domain-name

where:

o service-name is the service name for this instance of the
virtual disk server. The service-name must be unique among
all virtual disk server instances on the server.

o domain-name specifies the logical domain in which to add the
virtual disk server.

Remove a Virtual Disk Server
The remove-vds subcommand removes a virtual disk server.

Syntax:

ldm remove-vds [-f] service-name

where:

o -f attempts to force the removal of a virtual disk server.
The removal might fail.

o service-name is the unique service name for this instance of
the virtual disk server.

Caution -

The -f option attempts to unbind all clients before removal, which
might cause loss of disk data if writes are in progress.

Add a Device to a Virtual Disk Server
The add-vdsdev subcommand adds a device to a virtual disk server. The
device can be an entire disk, a slice on a disk, a file, or a disk vol-
ume. See Chapter 11, Using Virtual Disks in Oracle VM Server for SPARC
3.6 Administration Guide.

Syntax:

ldm add-vdsdev [-f] [-q] [options={ro,slice,excl}] [mpgroup=mpgroup] backend
volume-name@service-name

where:

o -f attempts to force the creation of an additional virtual
disk server when specifying a block device path that is
already part of another virtual disk server. If specified,
the -f option must be the first in the argument list.

o -q disables the validation of the virtual disk back end that
is specified by the backend operand. This option enables the
command to run more quickly, especially if the logical
domain or the back end is not fully configured.

o options= are as follows:

o ro - Specifies read-only access

o slice - Exports a back end as a single slice disk

o excl - Specifies exclusive disk access

Omit the options= argument to have the default values of disk, not
exclusive, and read/write. If you add the options= argument, you
must specify one or more of the options for a specific virtual disk
server device. Separate two or more options with commas and no spa-
ces, such as ro,slice,excl.

o mpgroup=mpgroup is the disk multipath group name used for
virtual disk failover support. You can assign the virtual
disk several redundant paths in case the link to the virtual
disk server device currently in use fails. To do this, you
would group multiple virtual disk server devices (vdsdev)
into one multipath group (mpgroup), all having the same
mpgroup name. When a virtual disk is bound to any virtual
disk server device in a multipath group, the virtual disk is
bound to all the virtual disk server devices that belong to
the mpgroup.

o backend is the location where data of a virtual disk are
stored. The back end can be a disk, a disk slice, a file, a
volume (including ZFS, Solaris Volume Manager, or VxVM), or
any disk pseudo device. The disk label can be SMI VTOC, EFI,
or no label at all. A back end appears in a guest domain
either as a full disk or as single slice disk, depending on
whether the slice option is set when the back end is
exported from the service domain. When adding a device, the
volume-name must be paired with the backend. The system val-
idates that the location specified by backend exists and can
be used as a virtual disk back end unless the -q option is
specified.

o volume-name is a unique name that you must specify for the
device being added to the virtual disk server. The volume-
name must be unique for this virtual disk server instance
because this name is exported by this virtual disk server to
the clients for adding. When adding a device, the volume-
name must be paired with the backend.

o service-name is the name of the virtual disk server to which
to add this device.

Set Options for a Virtual Disk Server Device
The set-vdsdev subcommand sets options for a virtual disk server. See
the Oracle VM Server for SPARC 3.6 Administration Guide.

Syntax:

ldm set-vdsdev [-f] options=[{ro,slice,excl}] [mpgroup=mpgroup]
volume-name@service-name

where:

o -f removes the read-only restriction when multiple volumes
in the same logical domain are sharing an identical block
device path in read-only mode (option=ro). If specified, the
-f option must be the first in the argument list.

o options= are as follows:

o ro - Specifies read-only access

o slice - Exports a back end as a single slice disk

o excl - Specifies exclusive disk access

o Leave the options= argument blank to turn off any previ-
ous options specified. You can specify all or a subset
of the options for a specific virtual disk server
device. Separate two or more options with commas and no
spaces, such as ro,slice,excl.

o volume-name is the name of an existing volume exported by
the service named by service-name.

o service-name is the name of the virtual disk server being
modified.

Remove a Device From a Virtual Disk Server
The remove-vdsdev subcommand removes a device from a virtual disk
server.

Syntax:

ldm remove-vdsdev [-f] volume-name@service-name

where:

o -f attempts to force the removal of the virtual disk server
device. The removal might fail.

o volume-name is the unique name for the device being removed
from the virtual disk server.

o service-name is the name of the virtual disk server from
which to remove this device.

Caution -

Without the -f option, the remove-vdsdev subcommand does not allow a
virtual disk server device to be removed if the device is busy. Using
the -f option can cause data loss for open files.

Virtual Disk - Client
Add a Virtual Disk
The add-vdisk subcommand adds a virtual disk to the specified logical
domain. An optional timeout property allows you to specify a timeout
for a virtual disk if it cannot establish a connection with the virtual
disk server.

When disk-name is an mpgroup disk, the ldm add-vdisk command does the
following:

o Adds the virtual disk to the specified domain

o Selects volume-name@service-name as the first path to access
the virtual disk

Syntax:

ldm add-vdisk [timeout=seconds] [id=disk-ID] disk-name volume-name@service-name domain-name

where:

o timeout=seconds is the number of seconds for establishing a
connection between a virtual disk client (vdc) and a virtual
disk server (vds). If there are multiple virtual disk
(vdisk) paths, then the vdc can try to connect to a differ-
ent vds, and the timeout ensures that a connection to any
vds is established within the specified amount of time.

Omit the timeout= argument or set timeout=0 to have the vir-
tual disk wait indefinitely.

o id=disk-ID is the ID of a new virtual disk device. By
default, ID values are generated automatically, so set this
property if you need to match an existing device name in the
OS.

o disk-name is the name of the virtual disk.

o volume-name is the name of the existing virtual disk server
device to which to connect.

o service-name is the name of the existing virtual disk server
to which to connect.

o domain-name specifies the logical domain in which to add the
virtual disk.

Set Options for a Virtual Disk
The set-vdisk subcommand sets options for a virtual disk in the speci-
fied logical domain. An optional timeout property allows you to specify
a timeout for a virtual disk if it cannot establish a connection with
the virtual disk server.

Except when used for mpgroup disks, this command can be used only when
the domain is bound or inactive.

When disk-name is an mpgroup disk, you can use the ldm set-vdisk com-
mand to specify the first path to the virtual disk as the value of the
volume property. The path that you specify as the selected path must
already belong to the mpgroup.

Dynamic path selection is available when updated virtual disk drivers
are running. To determine the version of the Oracle Solaris OS that
contains these updated drivers, see Oracle VM Server for SPARC 3.6
Administration Guide.

Dynamic path selection occurs when the first path in an mpgroup disk is
changed by using the ldm set-vdisk command to set the volume property
to a value in the form volume-name@service-name. Only an active domain
that supports dynamic path selection can switch to the selected path.
If the updated drivers are not running, this path is selected when the
Oracle Solaris OS reloads the disk instance or at the next domain
reboot.

Syntax:

ldm set-vdisk [timeout=seconds] [volume=volume-name@service-name] disk-name domain-name

where:

Set timeout=0 to disable the timeout.

Do not specify a timeout= argument to have the virtual disk
wait indefinitely.

o volume=volume-name is the name of the virtual disk server
device to which to connect. service-name is the name of the
virtual disk server to which to connect.

o disk-name is the name of the existing virtual disk.

o domain-name specifies the existing logical domain where the
virtual disk was previously added.

Set Options for a Virtual Disk
The remove-vdisk subcommand removes a virtual disk from the specified
logical domain.

Syntax:

ldm remove-vdisk [-f] disk-name domain-name

where:

o -f attempts to force the removal of the virtual disk. The
removal might fail.

o disk-name is the name of the virtual disk to be removed.

o domain-name specifies the logical domain from which to
remove the virtual disk.

Virtual SCSI Host Bus Adapter - Client
The subcommands described in the following sections affect the vHBA
resource, which is a virtual SCSI host bus adapter (HBA) that supports
the Sun Common SCSI Architecture (SCSA) interface. A vHBA sends SCSI
commands from a SCSI target driver in the client to a SCSI device that
is managed by a virtual storage area network (SAN) vSAN service.

Create a Virtual SCSI Host Bus Adapter
The add-vhba subcommand creates a virtual SCSI HBA on the specified
logical domain.

Syntax:

ldm add-vhba [id=vHBA-ID] [timeout=seconds] vHBA-name vSAN-name domain-name

where:

o id=vHBA-ID specifies the ID of a new virtual SCSI HBA
device. By default, ID values are generated automatically,
so set this property only if you need to match an existing
device name in the OS.

o timeout=seconds specifies the number of seconds to wait to
establish a connection between a virtual SCSI HBA instance
and a virtual SAN server. If the timeout expires, outstand-
ing I/O requests are terminated gracefully. Setting time-
out=0 or timeout= causes the virtual SCSI HBA instance to
wait indefinitely for the virtual SAN service to be usable.

o vHBA-name specifies the name of the virtual SCSI HBA.

o vSAN-name specifies the name of the existing virtual SAN
server device with which to connect.

o domain-name specifies the name of the logical domain.

Modify a Virtual SCSI Host Bus Adapter
The set-vhba subcommand enables you to specify a timeout value for the
virtual SCSI HBA on the specified logical domain.

Syntax:

ldm set-vhba [timeout=seconds] vHBA-name domain-name

where:

o timeout=seconds specifies how long the specified virtual
SCSI HBA instance waits before timing out and failing SCSA
commands.

o vHBA-name specifies the name of the virtual SCSI HBA.

o domain-name specifies the name of the logical domain.

Rescan a Virtual SCSI Host Bus Adapter
The rescan-vhba subcommand causes the specified virtual SCSI HBA to
query the associated virtual SAN for the current set of SCSI devices
that are known to the virtual SAN.

Use this subcommand when a SCSI device is created on or removed from
the physical SCSI HBA that is managed by the vSAN. The ldm rescan-vhba
command synchronizes the set of SCSI devices that are seen by the vir-
tual SCSI HBA and virtual SAN.

Syntax:

ldm rescan-vhba vHBA-name domain-name

Remove a Virtual SCSI Host Bus Adapter
The remove-vhba subcommand removes a virtual SCSI HBA from a logical
domain.

Syntax:

ldm remove-vhba vHBA-name domain-name

Virtual SCSI Host Bus Adapter - Service
The subcommands described in the following sections affect the vSAN
resource, which is a virtual storage area network (SAN) service that
exports the set of physical SCSI devices under a specified SCSI HBA
initiator port. The physical devices of the vSAN are accessed from the
client through a vHBA device.

The mask property controls how vSAN instances are created. You can cre-
ate vSAN instances in the following ways:

o mask=off. Create a vSAN instance that represents the set of
all physical devices that are reachable by the specified
initiator port. This method is used by default to create
vSAN instances.

o mask=on. Create a vSAN instance that represents a subset
(zero or more) of the physical devices that are reachable by
the specified initiator port.

You can use the ldm add-vsan command or the ldm set-vsan command to
specify the value of the mask property.

Create a Virtual Storage Area Network
The add-vsan subcommand creates a virtual SAN server on a logical
domain. The virtual SAN manages all SCSI devices that are children of
the specified SCSI HBA initiator port.

Syntax:

ldm add-vsan [-q] [mask=on|off] iport-path vSAN-name domain-name

where:

o -q does not validate the I/O device in the service domain.

o mask=on|off specifies how to create a vSAN instance.

You can create vSAN instances in the following ways:

o mask=off. Create a vSAN instance that represents the set
of all physical devices that are reachable by the speci-
fied initiator port. This method is used by default to
create vSAN instances.

o mask=on. Create a vSAN instance that represents a subset
(zero or more) of the physical devices that are reach-
able by the specified initiator port.

o iport-path specifies the SCSI HBA initiator port to asso-
ciate with the virtual SAN.

Use the ldm list-hba command to obtain the iport-path value.

o vSAN-name specifies the name of the virtual SAN.

o domain-name specifies the logical domain in which the speci-
fied SCSI HBA initiator port resides.

Add a Physical Device to a Virtual Storage Area Network
The add-vsan-dev subcommand adds a physical device with the specified
WWN to the specified virtual SAN instance.

Run this command for each physical device that you want to add to the
virtual SAN instance. Run this command only when the specified virtual
SAN instance has its mask property set to on.

Syntax:

ldm add-vsan-dev vSAN-name WWN

where:

o vSAN-name specifies the name of the virtual SAN instance.

o WWN specifies the WWN of the physical device to add to the
specified virtual SAN instance.

Dynamically Specify the Virtual Storage Area Network Mask
The set-vsan subcommand enables you to specify the value of the mask
property. The virtual SAN automatically notifies the virtual SCSI HBA
instance when you change the property value.

If you change the mask property value to off, all devices that are
reachable by the vSAN's initiator port become members of the virtual
SAN.

If you change the mask property value to on, the content of the vSAN's
mask property value is reset to remove all physical device identifica-
tion data. To populate the mask property with identification data, run
the ldm add-vsan-dev command for each physical device you want to add
to the vSAN.

Note -

When you issue the ldm set-vsan command, any I/O commands that are
running are terminated gracefully. Subsequent I/O requests to a pre-
viously known vSAN member return an error stating that the device is
no longer reachable.

Syntax:

ldm set-vsan [mask=on|off] vSAN-name

where:

o mask=on|off specifies how to create a vSAN instance.

You can create vSAN instances in the following ways:

o mask=off. Create a vSAN instance that represents the set
of all physical devices that are reachable by the speci-
fied initiator port.

o mask=on. Create a vSAN instance that represents a subset
(zero or more) of the physical devices that are reach-
able by the specified initiator port.

o vSAN-name specifies the name of the virtual SAN instance.

Remove a Virtual Storage Area Network
The remove-vsan subcommand removes a virtual SAN from a logical domain.

Syntax:

ldm remove-vsan vSAN-name

where vSAN-name specifies the name of the virtual SAN.

Remove a Physical Device From a Virtual Storage Area Network
The remove-vsan-dev subcommand removes a physical device with the spec-
ified WWN from the virtual SAN.

You can run this command for each physical device that you want to
remove from the virtual SAN instance.

Run this command only when the specified virtual SAN instance has its
mask property set to on.

Syntax:

ldm remove-vsan-dev vSAN-name WWN

where:

o vSAN-name specifies the name of the virtual SAN instance.

o WWN specifies the WWN of the physical device to remove from
the specified virtual SAN instance.

Virtual Console
Add a Virtual Console Concentrator
The add-vcc subcommand adds a virtual console concentrator to the spec-
ified logical domain.

Syntax:

ldm add-vcc port-range=x-y vcc-name domain-name

where:

o port-range=x-y is the range of TCP ports to be used by the
virtual console concentrator for console connections.

o vcc-name is the name of the virtual console concentrator
that is to be added.

o domain-name specifies the logical domain to which to add the
virtual console concentrator.

Set Options for a Virtual Console Concentrator
The set-vcc subcommand sets options for a specific virtual console con-
centrator.

Syntax:

ldm set-vcc port-range=x-y vcc-name

where:

o port-range=x-y is the range of TCP ports to be used by the
virtual console concentrator for console connections. Any
modified port range must encompass all the ports assigned to
clients of the concentrator.

o vcc-name is the name of the virtual console concentrator
that is to be set.

Remove a Virtual Console Concentrator
The remove-vcc subcommand removes a virtual console concentrator from
the specified logical domain.

Syntax:

ldm remove-vcc [-f] vcc-name

where:

o -f attempts to force the removal of the virtual console con-
centrator. The removal might fail.

o vcc-name is the name of the virtual console concentrator
that is to be removed.

Caution -

The -f option attempts to unbind all clients before removal.

Set Options for a Virtual Console
The set-vcons subcommand sets a specific port number and group in the
specified logical domain. You can also set the attached console's ser-
vice. This subcommand can be used only when a domain is inactive.

Syntax:

ldm set-vcons [port=[port-num]] [group=group] [service=vcc-server] [log=[on|off]] domain-name

where:

o port=port-num is the specific port to use for this console.
Leave the port-num blank to have the Logical Domains Manager
automatically assign the port number.

o group=group is the new group to which to attach this con-
sole. The group argument allows multiple consoles to be mul-
tiplexed onto the same TCP connection. Refer to the Oracle
Solaris OS vntsd(8) man page for more information about this
concept. When a group is specified, a service must also be
specified.

o service=vcc-server is the name for the existing virtual con-
sole concentrator that should handle the console connection.
A service must be specified when a group is specified.

o log=[on|off] enables or disables virtual console logging.
Valid values are on to enable logging, off to disable log-
ging, and a null value (log=) to reset to the default value.
The default value is on.

Log data is saved to a file called /var/log/vntsd/domain-
name/console-log on the service domain that provides the
virtual console concentrator service. Console log files are
rotated by using the logadm command. See the logadm(8) and
logadm.conf(5) man pages.

o domain-name specifies the logical domain in which to set the
virtual console.

You can enable virtual console logging for any guest domain
that runs the Oracle Solaris 10 OS or Oracle Solaris 11 OS.
The service domain must run the Oracle Solaris 11.1 OS.

Physical Functions and Virtual Functions
Virtual Functions
The PCIe single-root I/O virtualization (SR-IOV) standard enables the
efficient sharing of PCIe devices among I/O domains. This standard is
implemented in the hardware to achieve near-native I/O performance. SR-
IOV creates a number of virtual functions that are virtualized
instances of the physical device or function. The virtual functions are
directly assigned to I/O domains so that they can share the associated
physical device and perform I/O without CPU and hypervisor overhead.

PCIe physical functions have complete access to the hardware and pro-
vide the SR-IOV capability to create, configure, and manage virtual
functions. A PCIe component on the system board or a PCIe plug-in card
can provide one or more physical functions. An Oracle Solaris driver
interacts with the physical functions that provide access to the SR-IOV
features.

PCIe virtual functions contain the resources that are necessary for
data movement. An I/O domain that has a virtual function can access
hardware and perform I/O directly by means of an Oracle Solaris virtual
function driver. This behavior avoids the overhead and latency that is
involved in the virtual I/O feature by removing any bottlenecks in the
communication path between the applications that run in the I/O domain
and the physical I/O device in the root domain.

Some of these commands require that you specify an identifier for a
physical function or virtual function as follows:

pf-name ::= pf-pseudonym | pf-path
vf-name ::= vf-pseudonym | vf-path

Use the pseudonym form when referring to a corresponding device. This
is the form of the name that is shown in the NAME column of the ldm
list-io output. When you run the ldm list-io -l command, the path form
of the name appears in the output.

The ldm list-io -p output shows the pseudonym form as the value of the
alias= token and the path form as the value of the dev= token.

Create a Virtual Function
The create-vf subcommand creates a virtual function from a specified
physical function by incrementing the number of virtual functions in
the specified physical function by one. The new virtual function is
assigned the highest number in the sequence of virtual function num-
bers.

To dynamically create virtual functions, ensure that you set the iov
property for the parent root complex.

Network class virtual functions must have a MAC address assigned, which
is assigned by default. To override the default MAC address value,
specify another value for the mac-addr property.

You can also set class-specific properties and device-specific proper-
ties when you create a virtual function. This command succeeds only
when the physical function driver successfully validates the resulting
configuration. By default, a new virtual function is not assigned to
any domain. After you assign a virtual function to an I/O domain, you
cannot create more virtual functions from that physical function. So,
plan ahead by determining whether you want to create multiple virtual
functions. If you do, create all of the virtual functions that the par-
ent physical function requires before you assign any of them to an I/O
domain.

The device-specific properties depend on the properties that are
exported by the physical function driver. For more information, use the
ldm list-io -d command.

Syntax:

ldm create-vf [-n number | max] [name=user-assigned-name] pf-name

ldm create-vf [property-name=value ...] [name=user-assigned-name] pf-name

ldm create-vf [alt-mac-addrs=[auto|MAC-address,[auto|MAC-address,...]]] [pvid=pvid]
[mac-addr=MAC-address] [vid=vid1,vid2,...] [mtu=size] [property-name=value...] net-pf-name

ldm create-vf [property-name=value...] ib-pf-name

ldm create-vf [port-wwn=value node-wwn=value] [bw-percent=[value]] fc-pf-name

where:

o -n creates number virtual functions. If you specify max
instead of number, the maximum number of virtual functions
are created for the specified physical function.

o name=user-assigned-name specifies a name that you assign to
the virtual function.

If you use the -n option and name property together, user-
assigned-name is used as a base name for the generated vir-
tual function names. A period and a sequence number are
appended to the base name to indicate the virtual function
instance.

o mac-addr=MAC-address is the primary MAC address of the Eth-
ernet virtual function.

o alt-mac-addrs=auto|MAC-address,[auto|MAC-address,...] is a
comma-separated list of alternate MAC addresses for the Eth-
ernet virtual function. Valid values are numeric MAC
addresses and the auto keyword, which can be used one or
more times to request that the system generate an alternate
MAC address. The auto keyword can be mixed with numeric MAC
addresses. The numeric MAC address must be in standard octet
notation, for example, 80:00:33:55:22:66.

o pvid=port-VLAN-ID is the port VLAN ID (no default value) for
the Ethernet virtual function

o vid=VLAN-ID1,VLAN-ID2... is a comma-separated list of inte-
ger VLAN IDs for the Ethernet virtual function.

o mtu=size is the maximum transmission unit (in bytes) for the
Ethernet virtual function.

o property-name=value enables you to set a class-specific or
device-specific property for the target device. property-
name is the name of the class-specific or device-specific
property.

o pf-name is the name of the physical function.

o net-pf-name is the name of the network physical function.

o ib-pf-name is the name of the InfiniBand physical function.

o fc-pf-name is the name of the Fibre Channel physical func-
tion.

Destroy a Virtual Function
The destroy-vf subcommand destroys a virtual function from the speci-
fied physical function. This command succeeds only if the following are
true:

o The specified virtual function is not currently assigned to
any domain.

o The specified virtual function is the last virtual function
in the corresponding physical function.

o The resulting configuration is successfully validated by the
physical function driver.

o A successful operation triggers a delayed reconfiguration,
as the change to the number of virtual functions can only be
done as part of rebooting. See the create-vf subcommand for
more information.

Syntax:

ldm destroy-vf vf-name

ldm destroy-vf -n number | max pf-name

where:

o -n destroys number virtual functions. If you specify max
instead of number, the maximum number of virtual functions
are destroyed for the specified physical function.

o pf-name is the name of the physical function.

o vf-name is the name of the virtual function.

Variables
Add Variable
The add-variable subcommand adds one or more variables for a logical
domain.

Syntax:

ldm add-variable var-name=[value]... domain-name

where:

o var-name=value is the name-value pair of a variable to add.
The value is optional.

o domain-name specifies the logical domain in which to add the
variable.

Set Variable
The set-variable subcommand sets variables for a logical domain.

Note -

The ldm add-variable command sets the value if the variable already
exists.

Syntax:

ldm set-variable var-name=[value]... domain-name

where:

o var-name=value is the name-value pair of a variable to set.
The value is optional.

o domain-name specifies the logical domain in which to set the
variable.

Note -

Leaving value blank, sets var-name to no value.

Remove Variable
The remove-variable subcommand removes a variable for a logical domain.

Syntax:

ldm remove-variable var-name... domain-name

where:

o var-name is the name of a variable to remove.

o domain-name specifies the logical domain from which to
remove the variable.

Other Operations
Start Domains
The start-domain subcommand starts one or more logical domains.

Syntax:

ldm start-domain -a

ldm start-domain -i file

ldm start-domain [-f] [-m] domain-name...

where:

o -a starts all bound logical domains.

o -i file specifies an XML configuration file to use in
starting the logical domain.

o -f starts a guest domain even when its root service domain
or root service domains are not running.

Note that the guest domain might not boot successfully if
the missing I/O services are required to boot the OS. Also,
the guest domain's applications might not function properly
if the missing I/O services are required for the applica-
tions' operation.

o -m performs a MAC address collision check on all MAC
addresses, including alternate MAC addresses of the virtual
networks and virtual functions, that are assigned to the
domain. Performing this validation might delay the start of
the domain. The ldm start-domain command fails if a MAC
address collision is found.

o domain-name specifies one or more logical domains to start.

Stop Domains
The stop-domain subcommand stops one or more running domains by doing
one of the following:

o Sending a shutdown request to a domain if it runs the appro-
priate Logical Domains agent

o Sending a uadmin request to a domain if the Oracle Solaris
OS is booted

By default, the command first attempts to use shutdown to stop the
domain. However, if the appropriate Logical Domains agent is not avail-
able, the command uses uadmin to stop the domain. See the shutdown(8)
and uadmin(8) man pages.

You can change this default behavior by setting the
ldmd/default_quick_stop SMF property. You can also specify the amount
of time the ldm stop-domain command waits for shutdown to finish by
setting the ldmd/shutdown_timeout SMF property. See the ldmd(8) man
page.

Syntax:

ldm stop-domain [[-f | -q] | [[-h | -r | -t sec] [-m msg]]] (-a | domain-name...)

where:

o -a stops all running logical domains except the control
domain.

o -f attempts to force a running logical domain to stop. Use
only if the domain cannot be stopped by any other means.
This option is mutually exclusive with the -h, -q, -r, and
-t options.

o -h uses the shutdown command to halt the operating system.
This option does not fall back to using the uadmin command.
This option is mutually exclusive with the -f, -q, -r, and
-t options.

o -m msg specifies the message to send to the domains to be
shut down or rebooted.

Enclose msg within single or double quotation marks if the
string contains white space. If you do not specify the -m
msg option, the command issues the Graceful shutdown
requested by the domain manager message. This option is
incompatible with the -f and -q options.

o -q issues a quick stop of the specified domain. This option
is mutually exclusive with the -f, -h, -r, and -t options.

o -r uses the shutdown command to stop and reboot the operat-
ing system. This option is mutually exclusive with the -f,
-h, -q, and -t options.

o -t sec waits at least sec seconds at the end of the domain
shutdown sequence before reissuing the command with the -q
option to shut down any specified domains that are still
running. If the domain does not stop after the timeout
expires, the command issues the Graceful shutdown timeout
exhausted for domain-name and then retries with the -q
option. The command is only reissued if the domain shutdown
request does not complete in time. sec must be a value
greater than 0. This option is mutually exclusive with the
-f, -h, -q, and -r options.

Note that if the shutdown request cannot be performed for a
particular domain, the command immediately falls back to the
-q option for that domain.

o domain-name specifies one or more running logical domains to
stop.

To perform a graceful Oracle Solaris shutdown on a domain that is not
running the supporting Logical Domains agent version, perform a shut-
down or init operation in the domain itself. See the init(8) man page.
The ldm stop-domain -h command executes a graceful shutdown and reports
an error for any domain on which a graceful shutdown is not available.

Panic Oracle Solaris OS
The panic-domain subcommand panics the Oracle Solaris OS on a specified
logical domain, which provides a back trace and crash dump if you con-
figure the Oracle Solaris OS to do that. The dumpadm(8) command pro-
vides the means to configure the crash dump.

Syntax:

ldm panic-domain domain-name

Where domain-name specifies the logical domain to panic.

Provide Help Information
The ldm --help command provides usage for all subcommands or the sub-
command that you specify. You can also use the ldm command alone to
provide usage for all subcommands.

Syntax:

ldm --help [subcommand]

subcommand specifies the ldm subcommand about which you want usage
information.

Provide Version Information
The ldm --version command provides version information.

ldm --version

ldm -V

Bind Resources to a Domain
The bind-domain subcommand binds, or attaches, configured resources to
a logical domain.

Syntax:

ldm bind-domain [-f] [-q] -i file

ldm bind-domain [-f] [-q] domain-name

where:

o -f attempts to force the binding of the domain even if
invalid network or disk back-end devices are detected.

o -q disables the validation of network or disk back-end
devices so that the command runs more quickly.

o -i file specifies an XML configuration file to use in bind-
ing the logical domain.

o domain-name specifies the logical domain to which to bind
resources.

Unbind Resources From a Domain
The unbind-domain subcommand releases resources bound to configured
logical domains.

Syntax:

ldm unbind-domain domain-name

domain-name specifies the logical domain from which to unbind
resources.

SP Configuration Operations
Add an SP Configuration
The add-spconfig subcommand adds an SP configuration, either based on
the currently active configuration or on a previously autosaved config-
uration. The configuration is stored on the SP.

Syntax:

ldm add-spconfig config-name

ldm add-spconfig -r autosave-name [new-config-name]

where:

o config-name is the name of the SP configuration to add.

o -r autosave-name applies the autosave configuration data to
one of the following:

o Configuration on the SP that has the same name

o Newly created configuration, new-config-name, which does
not exist on the SP

If the target configuration does not exist on the SP, a configura-
tion of that name is created and saved to the SP based on the con-
tents of the corresponding autosave configuration. After the
autosave configuration data is applied, those autosave files are
deleted from the control domain. If autosave-name does not repre-
sent the currently selected configuration, or if new-config-name is
specified, the state of the current configuration on the SP and any
autosave files for it on the control domain are unaffected.

Updates the specified configuration based on the autosave informa-
tion. Note that you must perform a power cycle after using this
command to instantiate the updated configuration.

o new-config-name is the name of the SP configuration to add.

Set an SP Configuration
The set-spconfig subcommand enables you to specify the SP configuration
to use at the next system power cycle. The configuration is stored on
the SP.

Syntax:

ldm set-spconfig config-name

config-name is the name of the SP configuration to use.

The default configuration name is factory-default. To specify the
default configuration, use the following:

primary# ldm set-spconfig factory-default

Remove an SP Configuration
The remove-spconfig subcommand removes an SP configuration that is
stored on the SP, as well as any corresponding autosave configuration
from the control domain.

Syntax:

ldm remove-spconfig [-r] config-name

where:

o -r only removes autosave configurations from the control
domain.

o config-name is the name of the SP configuration to remove.

List SP Configurations
The ldm list-spconfig command lists SP configurations and SP configura-
tions that have autosave files on the control domain.

Syntax:

ldm list-spconfig [-r] [config-name]

where:

o -r lists those SP configurations that have autosave files on
the control domain.

Specifying the -r option with config-name tests whether the
specified SP configuration with autosave files exists. If
you do not specify config-name, the ldm list-spconfig com-
mand lists any SP configurations that have autosave files on
the control domain.

Note -

When a delayed reconfiguration is pending, the SP configuration
changes are immediately autosaved to the control domain. As a
result, if you run the ldm list-spconfig -r command, the SP con-
figuration with autosave files is shown as being newer than the
current SP configuration.

o config-name specifies the name of an SP configuration. This
optional operand enables you to test for the existence of an
SP configuration or of an SP configuration that has autosave
files. The command exits with 0 if the configuration or the
configuration with autosave files exists. The command exits
with 1 if the configuration or the configuration with
autosave files does not exist.

Command History
Use the ldm list-history command to view the Oracle VM Server for SPARC
command history log. This log captures ldm commands and commands that
are issued through the XMPP interface. By default, the number of the
commands shown by the ldm list-history command is ten.

To change the number of commands output by the ldm list-history com-
mand, use the ldm set-logctl command to set the history property value.
If you set history=0, the saving of command history is disabled. You
can re-enable this feature by setting the history property to a non-
zero value.

Syntax:

ldm list-history

Logging Operations
Oracle VM Server for SPARC logs messages to its standard log,
/var/svc/log/ldoms-ldmd:default.log.

Control Logging Operations
The set-logctl subcommand specifies the fine-grained logging character-
istics that control the messages written to the log. Note that you can-
not disable the logging of fatal or warning messages.

Syntax:

where:

o cmd=[on|off|resp] specifies how to treat command messages.
Specify the on value to enable, the off value to disable, or
the resp value to log the command and its command response.

o debug=[on|off] specifies how to treat debug messages. Spec-
ify the on value to enable or the off value to disable these
messages.

o info=[on|off] specifies how to treat informational messages.
Specify the on value to enable or the off value to disable
these messages.

o notice=[on|off] specifies how to treat messages that indi-
cate that an event requires user attention. Specify the on
value to enable or the off value to disable these messages.

o history=num specifies the number of commands output by the
ldm list-history command. Setting the value to 0 disables
the saving of command history.

o defaults resets the logging capabilities to the default val-
ues.

View Logging Capabilities
The list-logctl subcommand shows you the current behavior of the log-
ging types. When no option is specified, the output shows the logging
capability values for all logging types.

Syntax:

ldm list-logctl [-a] [-d] [logging-type...]

where:

o -a shows the logging capability values for all logging types
and the number of commands output by the ldm list-history
command.

o -d shows the default logging capability values for the log-
ging types.

o logging-type specifies one or more of the following logging
types:

fatal Fatal error condition (always logged)

warning Event requiring user attention (always logged)

notice Event that might require user attention

info Informational message only

cmd CLI/XML command line logging

debug Debug messages

List Operations
Flags in list Subcommand Output
The following flags can be shown in the output for a domain (ldm list).
If you use the long, parseable options (-l -p) for the command, the
flags are spelled out; for example, flags=normal,control,vio-service.
If not, you see the letter abbreviation; for example -n-cv-. The list
flag values are position dependent. Following are the values that can
appear in each of the six columns from left to right.

Column 1 - Starting or stopping domains

o s starting or stopping

Column 2 - Domain status

o n normal

o t transition

o d degraded domain that cannot be started due to missing
resources

Column 3 - Reconfiguration status

o d delayed reconfiguration

o r memory dynamic reconfiguration

Column 4 - Control domain

o c control domain

Column 5 - Service domain

o v virtual I/O service domain

Column 6 - Migration status

o s source domain in a migration

o t target domain in a migration

o e error occurred during a migration

List Domains and States
The list-domain subcommand lists logical domains and their states. If
you do not specify a logical domain, all logical domains are listed.

Syntax:

ldm list-domain [-e] [-l] [-o format] [-p] [-S] [domain-name...]

where:

o -e generates an extended listing containing services and
devices that are automatically set up, that is, not under
your control.

o -l generates a long listing.

o -o limits the output format to one or more of the following
subsets. If you specify more than one format, delimit each
format by a comma with no spaces.

o cmi - Output shows information about CMI devices, which
includes the associated virtual CPUs and cores that are
bound to the domain.

o console - Output shows the virtual console (vcons) and
virtual console concentrator (vcc) service.

o core - Output shows information about cores, core ID and
physical CPU set.

o cpu - Output shows information about the CPU thread
(vcpu), physical CPU (pcpu), and core ID (cid).

o disk - Output shows the virtual disk (vdisk) and virtual
disk server (vds).

o domain - Output shows the variables (var), host ID
(hostid), domain state, flags, universally unique iden-
tifier (UUID), software state, utilization percentage,
normalized utilization percentage, a slave's master
domains, and the master domain's failure policy.

o hba - Output shows the virtual SCSI HBA, the virtual SAN
(vSAN), and the domain of the virtual SAN.

o memory - Output shows memory.

o network - Output shows the media access control (mac)
address, virtual network switch (vsw), and virtual net-
work (vnet) device.

o physio - Physical I/O output shows the peripheral compo-
nent interconnect (pci) and network interface unit
(niu).

o resmgmt - Output shows resource management policy infor-
mation, indicates which policy is currently running, and
indicates whether the whole-core, and max-core con-
straints are enabled.

o san - Output shows the name of the virtual SAN and the
device path of the SCSI HBA initiator port with which
the virtual SAN is associated.

o serial - Output shows the virtual logical domain channel
(vldc) service, virtual logical domain channel client
(vldcc).

o status - Output shows the status of a migrating domain
and a memory dynamic reconfiguration operation.

You can use the -o status option to show the status of
any migration operations or DR operations that are in
progress. This information is derived from the flags in
the FLAGS field. The -o status option does not relate to
the STATE field.

o -p generates the list in a parseable, machine-readable for-
mat.

o -S generates status information about CPU-related and mem-
ory-related resources. Status values are ok to indicate that
the resource is operating normally and fail to indicate that
the resource is faulty.

This status is only determined for CPU and memory resources
on the Fujitsu M10 platform and the Fujitsu SPARC M12 plat-
form. On all other platforms, the status field is only shown
in parseable output when the -p option is used. The status
on these platforms is always shown as status=NA.

o domain-name is the name of the logical domain for which to
list state information.

List Bindings for Domains
The list-bindings subcommand lists bindings for logical domains. If no
logical domains are specified, all logical domains are listed.

If you specify the name of a domain, any alternate MAC addresses for a
virtual network device are shown after the MAC address of the control
domain. The following command shows the three alternate MAC addresses
for vnet1 on the ldg1 domain:

primary# ldm list-bindings ldg1
...
NETWORK
NAME SERVICE ID DEVICE MAC MODE PVID VID MTU LINKPROP
vnet1 primary-vsw0@primary 0 network@0 00:14:4f:f8:0c:80 1 1500
00:14:4f:fa:3a:f9
00:14:4f:f9:06:ab
00:14:4f:fb:3d:af

PEER MAC MODE PVID VID MTU LINKPROP
primary-vsw0@primary 00:14:4f:fa:94:60 1 1500
vnet2@ldg2 00:14:4f:f9:38:d1 1 1500
vnet3@ldg3 00:14:4f:fa:60:27 1 1500
vnet4@ldg4 00:14:4f:f8:0f:41 1 1500
...

The following command shows the three alternate MAC addresses for vnet1
on the ldg1 domain in parseable output:

The ldm list-bindings command shows the following information about
mpgroup disks:

o The STATE column shows one of the following states for each
mpgroup path:

o active indicates the current active path of the mpgroup

o standby indicates that the path is not currently used

o unknown indicates that the disk is unattached or in the
midst of changing state, or that the specified domain
does not run an OS that supports dynamic path selection

o The list of paths are shown in the order used for the driver
to choose the active path (the first path listed is chosen
first)

o The volume that is associated with the disk is the selected
mpgroup path and is listed first

In this example, the selected path is vol-ldg2@opath-ldg2. The ldm
list-bindings output shows that the active path is vol-ldg1@opath-vds
instead of the selected path. This situation might occur if the
selected path failed for some reason and the driver chose the second
path from the list to be active. Even if your selected path becomes
available in the meantime, the driver-chosen path continues as the
active path. To make the first path active again, re-issue the ldm set-
vdisk command to set the volume property to the name of the path you
want, vol-ldg1@opath-vds.

primary# ldm list-bindings
DISK
NAME VOLUME TOUT ID DEVICE SERVER MPGROUP
disk disk-ldg4@primary-vds0 0 disk@0 primary
tdiskgroup vol-ldg2@opath-ldg2 1 disk@1 ldg2 testdiskgroup
PORT MPGROUP VOLUME MPGROUP SERVER STATE
2 vol-ldg2@opath-ldg2 ldg2 standby
0 vol-ldg1@opath-vds ldg1 active
1 vol-prim@primary-vds0 primary standby

Syntax:

ldm list-bindings [-e] [-o [network|net]] [-p] [domain-name...]

where:

o -e generates an extended listing containing services and
devices that are automatically set up, that is, not under
your control.

o -o [network|net] generates output for the virtual network
configuration, including virtual switches and virtual net-
works.

o -p generates the list in a parseable, machine-readable for-
mat.

o domain-name is the name of the logical domain for which you
want binding information.

List Services for Domains
The list-services subcommand lists all the services exported by logical
domains. If no logical domains are specified, all logical domains are
listed.

Syntax:

ldm list-services [-e] [-p] [domain-name...]

where:

o -e generates an extended listing containing services and
devices that are automatically set up, that is, not under
your control.

o -p generates the list in a parseable, machine-readable for-
mat.

o domain-name is the name of the logical domain for which you
want services information.

List Constraints for Domains
The list-constraints subcommand lists the constraints for the creation
of one or more logical domains. If no logical domains are specified,
all logical domains are listed.

Any resource that has been evacuated from the physical domain by a
recovery mode operation has an asterisk (*) in front of its resource
identifier.

Syntax:

ldm list-constraints [-x] [domain-name...]

ldm list-constraints [-e] [-p] [domain-name...]

where:

o -x writes the constraint output in XML format to the stan-
dard output (stdout) format. This output can be used as a
backup.

o domain-name is the name of the logical domain for which you
want to list constraints.

o -e generates an extended listing containing services and
devices that are automatically set up, that is, not under
your control.

o -p writes the constraint output in a parseable, machine-
readable form.

List CPU Core Activation Information
The list-permits subcommand lists CPU core activation information on
the Fujitsu M10 platform and the Fujitsu SPARC M12 platform. The PER-
MITS column shows the total number of CPU core activations that have
been issued. This total includes all permanent CPU core activations and
pay-per-use CPU core activations. A permanent CPU core activation is a
permit for a resource that can be used for an unlimited amount of time.
A pay-per-use CPU core activation is a permit for a resource that can
be used for a limited amount of time. The number of issued permanent
CPU core activations is shown in the PERMANENT column. The IN USE col-
umn shows the number of issued CPU core activations that are in use.
The REST column shows the number of CPU core activations that are
available for use.

Syntax:

ldm list-permits

List Devices
The list-devices subcommand lists either free (unbound) resources or
all server resources. The default is to list all free resources.

Syntax:

ldm list-devices [-a] [-B] [-p] [-S] [cmi] [core] [cpu] [io] [memory]

where:

o -a lists all server resources, bound and unbound.

o -B generates blacklisted and evacuation-pending core and
memory resource information.

o -p writes the constraint output in a parseable, machine-
readable form.

o cmi lists information about CMI devices, which includes any
unallocated virtual CPUs and cores that are associated with
those devices.

o core lists information about cores, the core ID and physical
CPU set, and specifies which CPUs in the core are still
unallocated.

o cpu lists CPU thread and physical CPU resources.

o memory lists only memory resources.

o io lists only input/output resources, such as a PCI bus, a
network, or direct I/O-assignable devices.

Note that resource IDs might have gaps in their numbering. The follow-
ing example indicates that core 2 is unavailable or might have been
disabled:

primary# ldm list-devices -a core
CORE
ID %FREE CPUSET
0 0 (0, 1, 2, 3, 4, 5, 6, 7)
1 100 (8, 9, 10, 11, 12, 13, 14, 15)
3 100 (24, 25, 26, 27, 28, 29, 30, 31)
4 100 (32, 33, 34, 35, 36, 37, 38, 39)
5 100 (40, 41, 42, 43, 44, 45, 46, 47)
6 100 (48, 49, 50, 51, 52, 53, 54, 55)

List I/O Devices
The list-io subcommand lists the I/O devices that are configured on the
system. The list of devices includes I/O buses (including NIUs) and
direct I/O-assignable devices.

The output is divided into the following sections:

o I/O bus information. The IO column lists the device path of
the bus or network device, and the PSEUDONYM column shows
the associated pseudonym for the bus or network device. The
DOMAIN column indicates the domain to which the device is
currently bound.

o Direct I/O-assignable devices. The PCIE column lists the
device path of the device, and the PSEUDONYM column shows
the associated pseudonym for the device.

The STATUS column applies to slots that accept plug-in cards as
well as to devices on a motherboard and can have one of the follow-
ing values:

o UNK - The device in the slot has been detected by the
firmware, but not by the OS.

o OCC - The device has been detected on the motherboard
or is a PCIe card in a slot.

o IOV - The bus has been initialized to share its IOV
resources.

o INV - The slot, virtual function, or physical function
is in an invalid state and cannot be used.

o EMP - The slot is empty.

Slots that represent on-board devices always have the status of
OCC. If the root domain does not support direct I/O, the slot sta-
tus is UNK.

Syntax:

ldm list-io [-l] [-p] [bus | device | pf-name]

ldm list-io -d pf-name

Any resource that has been evacuated from the physical domain by a
recovery mode operation has an asterisk (*) in front of its resource
identifier.

where:

o -l lists information about subdevices that are hosted by
direct I/O-assignable devices. Note that this output indi-
cates which devices will be loaned with the direct I/O-as-
signable device to the receiving domain. The subdevice names
cannot be used for command input.

o -p writes the output in a parseable, machine-readable form.

o -d pf-name lists information about the specified physical
function.

o bus, device, and pf-name are the names of a PCIe bus, a
direct I/O-assignable device, and a PCIe SR-IOV physical
function, respectively.

List Variables
The list-variable subcommand lists one or more variables for a logical
domain. To list all variables for a domain, leave the var-name blank.

Syntax:

ldm list-variable [var-name...] domain-name

where:

o var-name is the name of the variable to list. If you do not
specify any name, all variables will be listed for the
domain.

o domain-name is the name of the logical domain for which to
list one or more variables.

List Physical SCSI Host Bus Adapters
The list-hba subcommand lists the physical SCSI HBA initiator ports
available in all domains or in the specified domain. After identifying
a logical domain's SCSI HBA initiator ports, you can use the ldm add-
vsan command to create a virtual SAN by specifying the name of the ini-
tiator port.

Syntax:

ldm list-hba [-d | -u] [-l] [-p] [-t] [domain-name]

where:

o -d shows the SCSI devices under each initiator port. This
option is mutually exclusive with the -u option.

o -l shows more detailed output.

o -p shows output in a parseable form.

o -t shows the SCSI transport medium type, such as Fibre Chan-
nel.

o -u shows device-specific attributes such as the worldwide
number (WWN). This option is mutually exclusive with the -d
option.

o domain-name shows information only about the specified
domain.

List Virtual Storage Area Network Devices
The list-vsan subcommand lists the members of the specified virtual
SAN.

If mask=on, the output shows the WWN of each virtual SAN member. If
mask=off, the output states that the mask property value is off.

Syntax:

ldm list-vsan [-p] [vSAN-name]

where:

o -p generates the list in a parseable, machine-readable for-
mat.

o vSAN-name specifies the name of the virtual SAN instance.

List Network Devices
The list-netdev subcommand lists the network devices that are config-
ured on the system. The information provided about the device includes
the following:

o CLASS - One of the following network device types:

o AGGR - Network aggregation

o EOIB - Ethernet over InfiniBand

o ESTUB - Ethernet stub

o IPMP - IP network multipathing group

o PART - InfiniBand partition

o PHYS - Physical network device

o VLAN - Virtual local area network

o VNET - Virtual network device

o VNIC - Virtual network interface card

o VSW - Virtual switch device

o VXLAN - Virtual extended LAN

o MEDIA - Network media type, which can be ETHER for Ethernet
or IB for InfiniBand

o STATE - State of the network device, which can be up, down,
or unknown

o SPEED - Speed of the network device in megabits per second

o OVER - Physical device over which the network device is
mapped

o LOC - Location of the network device

Syntax:

ldm list-netdev [-b] [-l] [-p] [-o net-device] [domain-name]

where:

o -b enables you to list only the valid virtual switch backend
devices.

o -l lists information about network devices, virtual switch
devices, and aggregations.

o -p writes the output in a parseable, machine-readable form.

o -o net-device lists information about the specified network
device.

o domain-name specifies the logical domain for which to list
network device information.

List Network Device Statistics
The list-netstat subcommand lists statistics for the network devices
that are configured on the system. Statistical information is shown in
the following fields:

o IPACKETS shows the inbound packets

o OPACKETS shows the outbound packets

o RBYTES shows the received (inbound) byte count

o OBYTES shows the transmitted (outbound) byte count

Syntax:

ldm list-netstat [-c count] [-o net-device]
[-p] [-u unit] [-t interval] [domain-name...]

where:

o -c count specifies the number of times to report statis-
tics. A value of 0 reports statistics indefinitely.

o -o net-device lists information about the specified network
device.

o -p writes the output in a parseable, machine-readable form.

o -t interval specifies an interval in seconds at which sta-
tistics are refreshed. The default value is one second.

o -u unit specifies the unit in which to show output. Valid
values are:

o R specifies raw bytes

o K specifies kilobytes

o M specifies megabytes

o G specifies gigabytes

o domain-name specifies one or more domains for which to list
network device information.

List Dependencies
The list-dependencies subcommand lists the dependencies within domains.
When you specify no options, this command outputs a list of domains and
the domains on which they depend.

Syntax:

ldm list-dependencies [-l] [-p] [-r] [domain-name]

where:

o -l lists detailed information about dependencies.

o -p writes the output in a parseable, machine-readable form.

o -r shows dependents grouped by their dependencies.

o domain-name specifies the logical domain for which to list
dependency information. If domain-name is not specified,
dependency information is listed for all domains.

List Resource Groups
The list-rsrc-group subcommand shows information about a resource
group. When you specify no options, this command produces a short list-
ing for all resource groups in the system.

Syntax:

ldm list-rsrc-group [-a] [-d domain-name] [-l] [-o core|memory|io] [-p] [resource-group]

where:

o -a lists information about all resources for each resource
group. The output includes resources that are not bound to
any domain.

o -d domain-name shows information only about the specified
domain.

o -l lists detailed information about each resource group.

o -o core|memory|io lists information only about the speci-
fied resource type: core, memory, or I/O.

o -p writes the output in a parseable, machine-readable form.

o resource-group specifies the resource group.

List CMI Devices
The list-cmi subcommand shows information about the CMI devices that
are configured on a Fujitsu M10 server and a Fujitsu SPARC M12 server.
If no CMI devices are configured on the system, no output is shown.

The output is divided into the following sections:

o Allocation of CMI devices and the associated virtual CPUs
and cores.

o Bound. Shows domains that have CMI devices and the asso-
ciated virtual CPUs and cores bound to those domains.
These domains are targets for the grow-cmi and shrink-
cmi subcommands.

o Tenant. Shows domains that do not own any CMI devices
and the associated virtual CPUs and cores bound to those
domains. These domains are targets for the evict-cmi
subcommand.

o Free. Shows unallocated CMI devices and any unallocated
virtual CPUs or cores that are associated with those
devices.

o Message queue information.

When you specify the -l option, additional information is shown for the
virtual CPUs and cores that are associated with CMI devices. Further-
more, information about all virtual CPUs and cores that are associated
with each CMI device is prepended to the output, unless domain-name is
specified.

Syntax:

ldm list-cmi [-l] [-p] [cmi_id=ID[,ID[,...]]] [domain-name...]

where:

o -l lists physical CPU sets and core IDs.

o -p writes the output in a parseable, machine-readable form.

o cmi_id=ID[,...] specifies one or more CMI devices for which
to list information.

o domain-name specifies one or more logical domains for which
to list information.

List CPU Sockets
The list-socket subcommand shows information about CPU sockets on a
Fujitsu M10 server and a Fujitsu SPARC M12 server.

The output is divided into the following sections:

o CPU socket constraints specified for logical domains.

o Allocation of each CPU socket's virtual CPUs and cores.

o Tenant. Shows logical domains and the virtual CPUs and
cores bound to those domains.

o Free. Shows any unallocated virtual CPUs or cores.

o Allocation of each CPU socket's memory.

o Allocation of each CPU socket's I/O buses.

When you specify the -l option, additional information is shown for
virtual CPUs and cores. Furthermore, information about all virtual CPUs
and cores in each CPU socket is prepended to the output, unless domain-
name is specified.

Syntax:

ldm list-socket [--free] [-l] [-o format] [-p] [socket_id=ID[,ID[,...]]] [domain-name...]

where:

o --free lists free resources only.

o -l lists physical CPU sets and core IDs.

o -o limits the output format to one or more of the following
subsets. If you specify more than one format, delimit each
format by a comma with no spaces.

o raw - Output shows information about the physical CPU
set and cores IDs for all virtual CPUs and cores in a
CPU socket. No output is shown if domain-name is speci-
fied.

o constraint - Output shows CPU socket constraints. No
output is shown if the --free option is specified.

o cpu - Output shows information about virtual CPUs and
cores.

o memory - Output shows information about memory.

o physio - Output shows information about I/O buses.

o -p writes the output in a parseable, machine-readable form.

o socket_id=ID[,...] specifies one or more CPU sockets for
which to list information.

o domain-name specifies one or more logical domains for which
to list information.

Add, Set, and Remove Resource Management Policies
Add a Resource Management Policy
The add-policy subcommand enables you to add a resource management pol-
icy for one or more logical domains. A resource management policy con-
sists of optional properties and their values.

Syntax:

ldm add-policy [enable=yes|no] [priority=value] [attack=value] [decay=value]
[elastic-margin=value] [sample-rate=value] [tod-begin=hh:mm[:ss]] [tod-end=hh:mm[:ss]]
[util-lower=percent] [util-upper=percent] [vcpu-min=value] [vcpu-max=value]
name=policy-name domain-name...

where:

o attack=value specifies the maximum number of resources to be
added during any one resource control cycle. If the number
of available resources is less than the specified value, all
of the available resources are added. By default, the attack
is unlimited so that you can add as many CPU threads as are
available. If the domain is whole-core constrained, the
value must be a multiple of whole cores (typically 8). Valid
values are from 1 to the number of free CPU threads on the
system minus 1.

o decay=value specifies the maximum number of resources to be
removed during any one resource control cycle. Only the num-
ber of currently bound CPU threads minus the value of vcpu-
min can be removed even if the value specified by this prop-
erty is larger. By default, the value is >unlimited. If the
domain is whole-core constrained, the value must be a multi-
ple of whole cores (typically 8). Valid values are from 1 to
the total number of CPU threads on the system minus 1.

o elastic-margin=value specifies the amount of buffer space
between util-lower and the number of free CPU threads to
avoid oscillations at low CPU thread counts. This value can-
not be greater than util-upper. Valid values are from 0 to
100. If the domain is whole-core constrained, the default
value is 15. If the domain is not whole-core constrained,
the default value is 5.

o enable=yes|no enables or disables resource management for an
individual domain. By default, enable=yes.

o name=policy-name specifies the resource management policy
name.

o priority=value specifies a priority for dynamic resource
management (DRM) policies. Priority values are used to
determine the relationship between DRM policies in a single
domain and between DRM-enabled domains in a single system.
Lower numerical values represent higher (better) priorities.
Valid values are between 1 and 9999. The default value is
99.

The behavior of the priority property depends on whether a pool of
free CPU resources is available, as follows:

o Free CPU resources are available in the pool. In this
case, the priority property determines which DRM policy
will be in effect when more than one overlapping policy
is defined for a single domain.

o No free CPU resources are available in the pool. In this
case, the priority property specifies whether a resource
can be dynamically moved from a lower-priority domain to
a higher-priority domain in the same system. The prior-
ity of a domain is the priority specified by the DRM
policy that is in effect for that domain.

For example, a higher-priority domain can acquire CPU
resources from another domain that has a DRM policy with
a lower priority. This resource-acquisition capability
pertains only to domains that have DRM policies enabled.
Domains that have equal priority values are unaffected
by this capability. So, if the default priority is used
for all policies, domains cannot obtain resources from
lower-priority domains. To take advantage of this capa-
bility, adjust the priority property values so that they
have unequal values.

o sample-rate=value specifies the cycle time, in seconds,
which is the sample rate for DRM. Valid values are from 1 to
9999. The default and recommended value is 10.

o tod-begin=hh:mm[:ss] specifies the effective start time of a
policy in terms of hour, minute, and optional second. This
time must be earlier than the time specified by tod-end in a
period that begins at midnight and ends at 23:59:59. The
default value is 00:00:00.

o tod-end=hh:mm[:ss] specifies the effective stop time of a
policy in terms of hour, minute, and optional second. This
time must be later than the time specified by tod-begin in a
period that begins at midnight and ends at 23:59:59. The
default value is 23:59:59.

o util-lower=percent specifies the lower utilization level at
which policy analysis is triggered. Valid values are from 1
to util-upper minus 1. The default value is 30.

o util-upper=percent specifies the upper utilization level at
which policy analysis is triggered. Valid values are from
util-lower plus 1 to 99. The default value is 70.

o vcpu-max=value specifies the maximum number of CPU thread
resources for a domain. By default, the maximum number of
CPU threads is unlimited. If the domain is whole-core con-
strained, the value must be a multiple of whole cores (typi-
cally 8). Valid values are from vcpu-min plus 1 to the total
number of free CPU threads on the system.

o vcpu-min=value specifies the minimum number of CPU thread
resources for a domain. If the domain is whole-core con-
strained, the value must be a multiple of whole cores (typi-
cally 8). Valid values are from 2 to vcpu-max minus 1. The
default value is 2.

o domain-name specifies the logical domain for which to add a
resource management policy.

Modify a Resource Management Policy
The set-policy subcommand enables you to modify a resource management
policy for one or more logical domains by specifying values for
optional properties.

Syntax:

ldm set-policy [enable=[yes|no]] [priority=[value]] [attack=[value]] [decay=[value]]
[elastic-margin=[value]] [sample-rate=[value]] [tod-begin=[hh:mm:ss]]
[tod-end=[hh:mm:ss]] [util-lower=[percent]] [util-upper=[percent]] [vcpu-min=[value]]
[vcpu-max=[value]] name=policy-name domain-name...

where:

o The properties are described in the Add a Resource Manage-
ment Policy section.

o domain-name specifies the logical domain for which to modify
the resource management policy.

Remove a Resource Management Policy
The remove-policy subcommand enables you to remove a resource manage-
ment policy from a logical domain by specifying one or more policy
names.

Syntax:

ldm remove-policy [name=]policy-name... domain-name

where:

o The name property specifies the name of the resource manage-
ment policy, policy-name.

o domain-name specifies the logical domain on which to remove
the resource management policy.

Configure or Reconfigure a Domain From an XML File
The init-system subcommand enables you to use an existing configuration
to configure one or more guest domains, the control domain, or both
types of domains. The ldm init-system command takes an XML file (such
as the output of ldm list-constraints -x) as input, configures the
specified domains, and reboots the control domain. Run this command
with the factory default configuration.

Syntax:

ldm init-system [-frs] -i file

where:

o -i file specifies the XML configuration file to use to cre-
ate the logical domain.

o -f skips the factory-default configuration check and contin-
ues irrespective of what was already configured on the sys-
tem.

Use the -f option with caution. ldm init-system assumes
that the system is in the factory-default configuration, and
so directly applies the changes that are specified by the
XML file. Using -f when the system is in a configuration
other than the factory default will likely result in a sys-
tem that is not configured as specified by the XML file. One
or more changes might fail to be applied to the system
depending on the combination of changes in the XML file and
the initial configuration.

o -r reboots the system after configuration.

o -s restores only the virtual services configuration (vds,
vcc, and vsw).

Collect Hypervisor Dump Data
The hypervisor dump data collection subcommands apply to the process
that collects data from a hypervisor dump on the Fujitsu M10 platform
and the Fujitsu SPARC M12 platform only.

When a hypervisor abort event occurs, the contents of the hypervisor
memory are preserved by the firmware, and the system is rebooted with
the factory-default configuration. The ldmd daemon copies the preserved
contents of hypervisor memory to a file on the control domain that is
called /var/opt/SUNWldm/hvdump.N.gz. N is a number in the range 0-7,
inclusive. This file is a binary dump of the contents of hypervisor
memory at the time the hypervisor abort occurred.

List Hypervisor Dump Data
The list-hvdump subcommand shows the values of the hvdump and hvdump-
reboot properties that govern the hypervisor data collection process
that can be used on the Fujitsu M10 platform and the Fujitsu SPARC M12
platform.

Syntax:

ldm list-hvdump

Set Property Values for the Hypervisor Data Collection Process
The set-hvdump subcommand modifies the Fujitsu M10 and Fujitsu SPARC
M12 hypervisor data collection properties. You can set properties that
enable or disable the automatic hypervisor data collection process. You
can also set properties that enable or disable an automatic reboot to
restore the original configuration after collecting the data.

Syntax:

ldm set-hvdump [hvdump=on|off] [hvdump-reboot=on|off]

where:

o hvdump=on|off enables or disables the hypervisor data col-
lection process. The default value is on.

o hvdump-reboot=on|off enables or disables an automatic system
reboot after the hypervisor data collection process com-
pletes. The default value is off.

Manually Start the Hypervisor Data Collection Process
The start-hvdump subcommand manually starts the Fujitsu M10 and Fujitsu
SPARC M12 hypervisor data collection process if the automatic collec-
tion fails.

Syntax:

ldm start-hvdump

Perform CMI Operations
The CMI-related subcommands pertain only to the Fujitsu M10 platform
and the Fujitsu SPARC M12 platform.

In all of the CMI-related subcommands, specifying the number of CMI
devices automatically selects the CMI resources to be assigned or
removed. To explicitly assign or remove CMI resources, provide CMI ID
values with the cmi_ID property.

When you perform CMI-related operations, the domain must be inactive
or, if it is the primary domain, the domain must be in a delayed recon-
figuration.

Add CMI Devices
The add-cmi subcommand adds the specified number of CMI devices to a
domain.

If you bind an inactive domain with a CMI constraint, unspecified vir-
tual CPU, core, and memory constraints are automatically generated from
the CMI constraint and available resources.

Syntax:

ldm add-cmi num domain-name

ldm add-cmi cmi_id=ID[,ID[,...]] domain-name

where:

o num specifies the number of CMI resources to assign to the
domain.

o cmi_id=ID[,...] specifies one or more CMI devices to add to
a domain.

o domain-name specifies one or more logical domains to which
to assign the CMI devices.

Modify CMI Devices
The set-cmi subcommand specifies the number of CMI devices to assign to
a domain.

You can use the -f option to clear all existing virtual CPU, core, and
memory constraints. When you bind an inactive domain with a CMI con-
straint, these constraints are then automatically generated from the
CMI constraint and available resources.

Syntax:

ldm set-cmi [-f] num domain-name

ldm set-cmi [-f] cmi_id=[ID[,ID[,...]]] domain-name

where:

o -f clears all existing virtual CPU, core, and memory con-
straints.

o num specifies the number of CMI resources to assign to the
domain.

o cmi_id=ID[,...] specifies one or more CMI devices to add to
a domain. cmi_id= removes all specified CMI devices.

o domain-name specifies the domain to which the CMI devices
are assigned.

Remove CMI Devices
The remove-cmi subcommand specifies the number of CMI devices to remove
from a domain.

Syntax:

ldm remove-cmi [-f] num domain-name

ldm remove-cmi [-f] cmi_id=ID[,ID[,...]] domain-name

where:

o num specifies the number of CMI resources to remove from the
domain.

o cmi_id=ID[,...] specifies one or more CMI devices to remove
from a domain.

o domain-name specifies the domain from which the CMI devices
are removed.

Add CMI Device CPU Threads or CPU Cores
The grow-cmi subcommand enables you to add virtual CPUs or cores asso-
ciated with a particular CMI device to a domain with one or more CMI
resources. The specified CMI device must be assigned to the domain, and
the domain must be bound or active.

Syntax:

ldm grow-cmi vcpus=num cmi_id=ID domain-name

ldm grow-cmi cores=num cmi_id=ID domain-name

where:

o vcpus=num specifies the number of virtual CPUs to add to a
domain.

o cores=num specifies the number of cores to add to a domain.

o cmi_id=ID specifies a CMI device that is owned by the
domain.

o domain-name specifies the domain to which the virtual CPUs
or cores are added.

Remove CMI Device CPU Threads or CPU Cores
The shrink-cmi subcommand enables you to remove virtual CPUs or cores
associated with a particular CMI device from a domain with one or more
CMI resources. The specified CMI device must be assigned to the domain,
and the domain must be bound or active.

Syntax:

ldm shrink-cmi vcpus=num cmi_id=ID domain-name

ldm shrink-cmi cores=num cmi_id=ID domain-name

where:

o vcpus=num specifies the number of virtual CPUs to remove
from a domain.

o cores=num specifies the number of cores to remove from a
domain.

o cmi_id=ID specifies a CMI device that is owned by the
domain.

o domain-name specifies the domain to which the virtual CPUs
or cores are removed.

Evict CMI Device CPU Threads or CPU Cores
The evict-cmi subcommand enables you to remove virtual CPUs or cores
associated with a particular CMI device from a bound or active domain
that has no CMI devices assigned to it.

Run the list-cmi subcommand to determine the allocation of CMI devices
and their associated virtual CPUs and cores.

Syntax:

ldm evict-cmi vcpus=num cmi_id=ID domain-name

ldm evict-cmi cores=num cmi_id=ID domain-name

where:

o vcpus=num specifies the number of virtual CPUs to remove
from a domain.

o cores=num specifies the number of cores to remove from a
domain.

o cmi_id=ID specifies a CMI device.

o domain-name specifies the domain from which the virtual CPUs
or cores are removed.

Perform CPU Socket Operations
The CPU-socket-related commands pertain only to the Fujitsu M10 plat-
form and the Fujitsu SPARC M12 platform.

Add CPU Socket Threads, Cores, or Memory
The grow-socket subcommand enables you to add virtual CPUs, cores, or
memory associated with a particular CPU socket to a domain. The domain
must be bound or active.

If the domain has any CMI devices assigned to it, use the grow-cmi sub-
command to add virtual CPUs or cores to the domain.

Syntax:

ldm grow-socket vcpus=num socket_id=ID domain-name

ldm grow-socket cores=num socket_id=ID domain-name

ldm grow-socket memory=size[unit] socket_id=ID domain-name

where:

o vcpus=num specifies the number of virtual CPUs to add to a
domain.

o cores=num specifies the number of cores to add to a domain.

o memory=num specifies the amount of memory to add to a
domain. The default amount is size in bytes. If you want a
different unit of measurement, specify unit as one of the
following values using either uppercase or lowercase:

o G for gigabytes

o K for kilobytes

o M for megabytes

o socket_id=ID specifies the CPU socket.

o domain-name specifies the domain to which the virtual CPUs,
cores, or memory are added.

Specify CPU Socket Constraints
The set-socket subcommand specifies the CPU sockets from which a domain
can allocate virtual CPUs, cores, and memory.

When you bind an inactive domain with CPU socket constraints, virtual
CPUs, cores, and memory are selected only from the specified CPU sock-
ets. If no virtual CPU, core, or memory constraint is specified for the
domain, the resource constraint is automatically generated from the CPU
socket constraint and available resources. Use the -f option to clear
all existing virtual CPU, core, and memory constraints.

When you specify CPU socket constraints for a bound domain, existing
virtual CPU, core, and memory bindings are updated to be consistent
with the specified CPU socket constraints.

When you specify CPU socket constraints for an active domain, active
virtual CPU resources and real memory ranges are remapped so that the
underlying physical resources are consistent with the specified CPU
socket constraints.

If physical resources are removed from the system, CPU socket con-
straints might be degraded. After the physical resources are restored,
you can restore the original CPU socket constraints.

Syntax:

ldm set-socket [-f] [--remap] socket_id=[ID[,ID[,...]]] domain-name

ldm set-socket [-f] [--remap] --restore-degraded domain-name

where:

o -f clears all existing virtual CPU, core, and memory con-
straints for an inactive domain. If the domain is bound or
active, the resource constraints, the degraded CPU socket
constraints, or both might be modified if the specified CPU
sockets have fewer resources than the constraints.

o --remap moves active virtual resources that are bound to one
physical resource to another physical resource while the
domain that owns the virtual resource is running.

o --restore-degraded restores a domain to its original CPU
socket constraints after the addition of physical resources.

o socket_id=ID specifies one or more CPU sockets to which the
domain is constrained. Specifying socket_id= removes all CPU
socket constraints from the domain.

o domain-name specifies the domain to which the CPU socket
constraints are added.

Remove CPU Socket Threads, Cores, or Memory
The shrink-socket subcommand enables you to remove virtual CPUs, cores,
or memory associated with a particular CPU socket from a domain. The
domain must be bound or active.

If the domain has any CMI devices assigned to it, use the shrink-cmi
subcommand to remove virtual CPUs or cores from the domain.

Syntax:

ldm shrink-socket vcpus=num socket_id=ID domain-name

ldm shrink-socket cores=num socket_id=ID domain-name

ldm shrink-socket memory=size[unit] socket_id=ID domain-name

where:

o vcpus=num specifies the number of virtual CPUs to remove
from a domain.

o cores=num specifies the number of cores to remove from a
domain.

o memory=num specifies the amount of memory to remove from a
domain. The default amount is size in bytes. If you want a
different unit of measurement, specify unit as one of the
following values using either uppercase or lowercase:

o G for gigabytes

o K for kilobytes

o M for megabytes

o socket_id=ID specifies the CPU socket.

o domain-name specifies the domain from which the virtual
CPUs, cores, or memory are removed.

EXAMPLES
Example 1 Create Default Services

Set up the three default services, virtual disk server, virtual switch,
and virtual console concentrator so that you can export those services
to the guest domains.

primary# ldm add-vds primary-vds0 primary
primary# ldm add-vsw net-dev=net0 primary-vsw0 primary
primary# ldm add-vcc port-range=5000-5100 primary-vcc0 primary

Example 2 List Services

You can list services to ensure they have been created correctly or to
see what services you have available.

primary# ldm list-services primary
VCC
NAME LDOM PORT-RANGE
primary-vcc0 primary 5000-5100
VSW
NAME LDOM MAC NET-DEV DEVICE DEFAULT-VLAN-ID PVID VID MODE
primary-vsw0 primary 00:14:4f:f9:68:d0 net0 switch@0 1 1
VDS
NAME LDOM VOLUME OPTIONS MPGROUP DEVICE
primary-vds0 primary

Example 3 Set Up the Control Domain Initially

The control domain, named primary, is the initial domain that is
present when you install the Logical Domains Manager. The control
domain has a full complement of resources, and those resources depend
on what server you have. Set only those resources you want the control
domain to keep so that you can allocate the remaining resources to the
guest domains. Then save the configuration on the service processor.
You must reboot so the changes take effect.

You must enable the virtual network terminal server daemon, vntsd(8),
to use consoles on the guest domains.

primary# ldm start-reconf primary
primary# ldm set-vcpu 8 primary
primary# ldm set-memory 8G primary
primary# ldm add-spconfig initial
primary# shutdown -y -g0 -i6
primary# svcadm enable vntsd

Example 4 List Bindings

You can list bindings to see if the control domain has the resources
you specified, or what resources are bound to any domain.

primary# ldm list-bindings primary
NAME STATE FLAGS CONS VCPU MEMORY UTIL NORM UPTIME
primary active -n-cv- UART 8 16G 0.2% 0.2% 1d 18h 5m

UUID
d8d2db22-21b9-e5e6-d635-92036c711e65

MAC
00:21:28:c1:3f:3c

HOSTID
0x84c13f3c

CONTROL
failure-policy=ignore
extended-mapin-space=on
cpu-arch=native
rc-add-policy=
shutdown-group=0
perf-counters=global,htstrand

DEPENDENCY
master=

CORE
CID CPUSET
0 (0, 1, 2, 3, 4, 5, 6, 7)

VCPU
VID PID CID UTIL NORM STRAND
0 0 0 0.4% 0.4% 100%
1 1 0 0.2% 0.2% 100%
2 2 0 0.1% 0.1% 100%
3 3 0 0.1% 0.1% 100%
4 4 0 0.2% 0.2% 100%
5 5 0 0.5% 0.5% 100%
6 6 0 0.2% 0.2% 100%
7 7 0 1.2% 1.2% 100%

MEMORY
RA PA SIZE
0x20000000 0x20000000 8G
0x400000000 0x400000000 8G

VARIABLES
pm_boot_policy=disabled=1;ttfc=0;ttmr=0;

IO
DEVICE PSEUDONYM OPTIONS
pci@400 pci_0
niu@480 niu_0
pci@400/pci@1/pci@0/pci@8 /SYS/MB/RISER0/PCIE0
pci@400/pci@2/pci@0/pci@8 /SYS/MB/RISER1/PCIE1
pci@400/pci@1/pci@0/pci@6 /SYS/MB/RISER2/PCIE2
pci@400/pci@2/pci@0/pci@c /SYS/MB/RISER0/PCIE3
pci@400/pci@1/pci@0/pci@0 /SYS/MB/RISER1/PCIE4
pci@400/pci@2/pci@0/pci@a /SYS/MB/RISER2/PCIE5
pci@400/pci@1/pci@0/pci@4 /SYS/MB/SASHBA0
pci@400/pci@2/pci@0/pci@4 /SYS/MB/SASHBA1
pci@400/pci@2/pci@0/pci@6 /SYS/MB/NET0
pci@400/pci@2/pci@0/pci@7 /SYS/MB/NET2

VCC
NAME PORT-RANGE
primary-vcc0 5000-5100

VSW
NAME MAC NET-DEV ID DEVICE LINKPROP
primary-vsw0 00:14:4f:fa:0b:57 net0 0 switch@0

DEFAULT-VLAN-ID PVID VID MTU MODE INTER-VNET-LINK
1 1 1500 on

VDS
NAME VOLUME OPTIONS MPGROUP DEVICE
primary-vds0

VCONS
NAME SERVICE PORT LOGGING
UART

Example 5 List Network-Related Bindings

You can list bindings to obtain information about a domain's virtual
network configuration.

primary# ldm list-bindings -o network ldg3
NAME
ldg3

MAC
00:14:4f:fb:7d:03

VSW
NAME MAC NET-DEV DVID|PVID|VIDs
---- --- ------- --------------
vsw-ldg3 00:14:4f:fa:0b:57 - 1|1|--

NETWORK
NAME SERVICE MACADDRESS PVID|PVLAN|VIDs
---- ------- ---------- ---------------
vnet3 primary-vsw0@primary 00:14:4f:fa:e2:a1 1|--|--

PEER MACADDRESS PVID|PVLAN|VIDs
---- ---------- ---------------
primary-vsw0@primary 00:14:4f:fb:e8:d8 1|--|--

NAME SERVICE MACADDRESS PVID|PVLAN|VIDs
---- ------- ---------- ---------------
vnet1 primary-vsw1@primary 00:14:4f:f8:48:e5 1|--|--

PEER MACADDRESS PVID|PVLAN|VIDs
---- ---------- ---------------
primary-vsw1@primary 00:14:4f:fa:10:db 1|--|--
vnet2@ldg3 00:14:4f:fb:fe:ec 1|--|--
vnet4@ldg3 00:14:4f:f9:91:d0 1|--|--
vnet50@ldg3 00:14:4f:f8:71:10 1|--|--

Example 6 Create a Logical Domain

Ensure that you have the resources to create the desired guest domain
configuration, add the guest domain, add the resources and devices that
you want the domain to have, set boot parameters to tell the system how
to behave on startup, bind the resources to the domain, and save the
guest domain configuration in an XML file for backup. You also might
want to save the primary and guest domain configurations on the SP.
Then you can start the domain, find the TCP port of the domain, and
connect to it through the default virtual console service.

primary# ldm list-devices
primary# ldm add-domain ldg1
primary# ldm add-vcpu 8 ldg1
primary# ldm add-memory 8g ldg1
primary# ldm add-vnet vnet1 primary-vsw0 ldg1
primary# ldm add-vdsdev /dev/dsk/c0t1d0s2 vol1@primary-vds0
primary# ldm add-vdisk vdisk1 vol1@primary-vds0 ldg1
primary# ldm set-variable auto-boot\?=false ldg1
primary# ldm set-variable boot-device=vdisk1 ldg1
primary# ldm bind-domain ldg1
primary# ldm list-constraints -x ldg1 > ldg1.xml
primary# ldm add-spconfig ldg1_8cpu_1G
primary# ldm start-domain ldg1
primary# ldm list -l ldg1
primary# telnet localhost 5000

Example 7 Use One Terminal for Many Guest Domains

Normally, each guest domain you create has its own TCP port and con-
sole. Once you have created the first guest domain (ldg1 in this exam-
ple), you can use the ldm set-vcons command to attach all the other
domains (second domain is ldg2 in this example) to the same console
port. Note that the set-vcons subcommand works only on an inactive
domain.

primary# ldm set-vcons group=ldg1 service=primary-vcc0 ldg2

If you use the ldm list -l command after performing the set-vcons com-
mands on all guest domains except the first, you can see that all
domains are connected to the same port. See the vntsd(8) man page for
more information about using consoles.

Example 8 Add a Virtual PCI Bus to a Logical Domain

I/O domains are a type of service domain that have direct ownership of
and direct access to physical I/O devices. The I/O domain then provides
the service to the guest domain in the form of a virtual I/O device.
This example shows how to add a virtual PCI bus to a logical domain
when IOV is enabled.

primary# ldm add-io pci@7c0 ldg1

Example 9 Cancel Delayed Reconfiguration Operations for a Control
Domain

A delayed reconfiguration operation blocks configuration operations on
all other domains. There might be times when you want to cancel delayed
configuration operations for a control domain. For example, you might
do this so that you can perform other configuration commands on that
domain or other domains. With this command, you can undo the delayed
reconfiguration operation and do other configuration operations on this
or other domains.

primary# ldm cancel-operation reconf primary

Example 10 Migrate a Domain

You can migrate a logical domain to another machine. This example shows
a successful migration.

primary# ldm migrate-domain ldg1 root@dt90-187:ldg
Target password:

Example 11 List Configurations

The following examples show how to view the configurations. The first
command shows the configurations that are stored on the SP. The second
command shows the configurations on the SP as well as information about
the autosave configurations on the control domain.

primary# ldm list-spconfig
factory-default
3guests [current]
data1
reconfig_primary
split1
primary# ldm list-spconfig -r
3guests [newer]
data1 [newer]
reconfig_primary
split1
unit

Both the current 3guests configuration and the data1 configuration have
autosaved changes that have not been saved to the SP. If the system
performed a power cycle while in this state, the Logical Domains Man-
ager would perform the 3guests autosave based on the specified policy.
The autosave action is taken for 3guests because it is marked as cur-
rent.

The reconfig_primary and split1 autosave configurations are identical
to the versions on the SP, not newer versions.

The unit configuration only exists as an autosave configuration on the
control domain. There is no corresponding configuration for unit on the
SP. This situation might occur if the configuration was lost from the
SP. A configuration can be lost if the SP is replaced or if a problem
occurred with the persistent version of the configuration on the SP.
Note that using the remove-spconfig command to explicitly remove a con-
figuration also removes the autosave version on the control domain. As
a result, no remnants of the configuration remain on either the control
domain or on the SP.

Example 12 List I/O Devices

The following example lists the I/O devices on the system.

primary# ldm list-io
NAME TYPE BUS DOMAIN STATUS
---- ---- --- ------ ------
pci_0 BUS pci_0 primary IOV
niu_0 NIU niu_0 primary
/SYS/MB/RISER0/PCIE0 PCIE pci_0 primary EMP
/SYS/MB/RISER1/PCIE1 PCIE pci_0 primary EMP
/SYS/MB/RISER2/PCIE2 PCIE pci_0 primary EMP
/SYS/MB/RISER0/PCIE3 PCIE pci_0 primary OCC
/SYS/MB/RISER1/PCIE4 PCIE pci_0 primary OCC
/SYS/MB/RISER2/PCIE5 PCIE pci_0 primary EMP
/SYS/MB/SASHBA0 PCIE pci_0 primary OCC
/SYS/MB/SASHBA1 PCIE pci_0 primary OCC
/SYS/MB/NET0 PCIE pci_0 primary OCC
/SYS/MB/NET2 PCIE pci_0 primary OCC
/SYS/MB/RISER0/PCIE3/IOVIB.PF0 PF pci_0 primary
/SYS/MB/RISER1/PCIE4/IOVIB.PF0 PF pci_0 primary
/SYS/MB/NET0/IOVNET.PF0 PF pci_0 primary
/SYS/MB/NET0/IOVNET.PF1 PF pci_0 primary
/SYS/MB/NET2/IOVNET.PF0 PF pci_0 primary
/SYS/MB/NET2/IOVNET.PF1 PF pci_0 primary
/SYS/MB/RISER0/PCIE3/IOVIB.PF0.VF0 VF pci_0 primary
/SYS/MB/RISER0/PCIE3/IOVIB.PF0.VF1 VF pci_0 primary
/SYS/MB/RISER0/PCIE3/IOVIB.PF0.VF2 VF pci_0 iodom1
/SYS/MB/RISER0/PCIE3/IOVIB.PF0.VF3 VF pci_0 iodom1
/SYS/MB/RISER1/PCIE4/IOVIB.PF0.VF0 VF pci_0 primary
/SYS/MB/RISER1/PCIE4/IOVIB.PF0.VF1 VF pci_0 primary
/SYS/MB/RISER1/PCIE4/IOVIB.PF0.VF2 VF pci_0 iodom1
/SYS/MB/RISER1/PCIE4/IOVIB.PF0.VF3 VF pci_0 iodom1

Example 13 List CPU Core Activation Information

The following example shows information about the CPU core activations
on a Fujitsu M10 server and a Fujitsu SPARC M12 server. The PERMITS
column shows that 10 CPU core activations have been issued. This total
includes all permanent and pay-per-use CPU core activations. The PERMA-
NENT column shows that there are 10 permanent CPU core activations,
which means that there are no issued pay-per-use CPU core activations.
The IN USE column shows that only two of the CPU core activations are
currently in use. The REST column shows that eight CPU core activations
are available for use.

primary# ldm list-permits
CPU CORE
PERMITS (PERMANENT) IN USE REST
10 (10) 2 8

Example 14 Adding a Virtual SCSI HBA and a Virtual SAN

The following example shows how to create a virtual SAN for a specific
SCSI HBA initiator port and how to associate that virtual SAN with a
virtual SCSI HBA.

Identify the physical SCSI HBA initiator ports in the ldg1 domain.

primary# ldm list-hba -l ldg1
NAME VSAN
---- ----
/SYS/MB/SASHBA0/HBA0/PORT1
[/pci@300/pci@1/pci@0/pci@2/scsi@0/iport@1]
/SYS/MB/SASHBA0/HBA0/PORT2
[/pci@300/pci@1/pci@0/pci@2/scsi@0/iport@2]
/SYS/MB/SASHBA0/HBA0/PORT4
[/pci@300/pci@1/pci@0/pci@2/scsi@0/iport@4]
/SYS/MB/SASHBA0/HBA0/PORT8
[/pci@300/pci@1/pci@0/pci@2/scsi@0/iport@8]
/SYS/MB/PCIE1/HBA0/PORT0,0
[/pci@300/pci@1/pci@0/pci@4/SUNW,emlxs@0/fp@0,0]
/SYS/MB/PCIE1/HBA0,1/PORT0,0
[/pci@300/pci@1/pci@0/pci@4/SUNW,emlxs@0,1/fp@0,0]

Create a virtual SAN in the ldg1 logical domain to manage all SCSI
devices associated with the last initiator port in the list.

primary# ldm add-vsan /SYS/MB/PCIE1/HBA0,1/PORT0,0 port0 ldg1
/SYS/MB/PCIE1/HBA0,1/PORT0,0 resolved to device: /pci@300/pci@1/pci@0/pci@4/SUNW,emlxs@0,1/fp@0,0

Create a virtual SCSI HBA in the ldg2 logical domain that will cooper-
ate with the virtual SAN to send I/O requests to the physical SCSI
devices.

primary# ldm add-vhba port0_vhba port0 ldg2

Verify the presence of the newly created virtual SCSI HBA and virtual
SAN devices.

primary# ldm list -o san,hba ldg1 ldg2
NAME
ldg1

VSAN
NAME TYPE DEVICE IPORT
port0 VSAN [/pci@300/pci@1/pci@0/pci@4/SUNW,emlxs@0,1/fp@0,0]

------------------------------------------------------------------------------
NAME
ldg2

VHBA
NAME VSAN DEVICE TOUT SERVER
port0_vhba port0 0 ldg1

Example 15 List Network Devices

The following example shows network device information for the ldg1
domain.

primary# ldm list-netdev ldg1
DOMAIN
ldg1

NAME CLASS MEDIA STATE SPEED OVER LOC
---- ----- ----- ----- ----- ---- ---
net0 VNET ETHER up 1000 -- primary-vsw0/vnet0_ldg1
net3 PHYS ETHER up 10000 -- /SYS/MB/RISER1/PCIE4
net4 VSW ETHER up 10000 -- ldg1-vsw1
net1 PHYS ETHER up 10000 -- /SYS/MB/RISER1/PCIE4
net5 VNET ETHER up 10000 -- ldg1-vsw1/vnet1_ldg1
net6 VNET ETHER up 10000 -- ldg1-vsw1/vnet2_ldg1
aggr2 AGGR ETHER unknown 0 net1,net3 --
ldoms-vsw0.vport3 VNIC ETHER unknown 0 -- ldg1-vsw1/vnet2_ldg1
ldoms-vsw0.vport2 VNIC ETHER unknown 0 -- ldg1-vsw1/vnet1_ldg1
ldoms-vsw0.vport1 VNIC ETHER unknown 0 -- ldg1-vsw1/vnet2_ldg3
ldoms-vsw0.vport0 VNIC ETHER unknown 0 -- ldg1-vsw1/vnet2_ldg2

The following example shows a detailed listing of network devices on
the ldg1 domain by specifying the -l option.

primary# ldm list-netdev -l ldg1
DOMAIN
ldg1

NAME CLASS MEDIA STATE SPEED OVER LOC
---- ----- ----- ----- ----- ---- ---
net0 VNET ETHER up 0 -- primary-vsw0/vnet0_ldg1
[/virtual-devices@100/channel-devices@200/network@0]
MTU : 1500 [1500-1500]
IPADDR : 10.129.241.200/255.255.255.0
MAC_ADDRS : 00:14:4f:fb:9c:df

net3 PHYS ETHER up 10000 -- /SYS/MB/RISER1/PCIE4
[/pci@400/pci@1/pci@0/pci@0/network@0]
MTU : 1500 [576-15500]
MAC_ADDRS : a0:36:9f:0a:c5:d2

net4 VSW ETHER up 10000 -- ldg1-vsw1
[/virtual-devices@100/channel-devices@200/virtual-network-switch@0]
MTU : 1500 [1500-1500]
IPADDR : 192.168.1.2/255.255.255.0
MAC_ADDRS : 00:14:4f:fb:61:6e

net1 PHYS ETHER up 10000 -- /SYS/MB/RISER1/PCIE4
[/pci@400/pci@1/pci@0/pci@0/network@0,1]
MTU : 1500 [576-15500]
MAC_ADDRS : a0:36:9f:0a:c5:d2

net5 VNET ETHER up 0 -- ldg1-vsw1/vnet1_ldg1
[/virtual-devices@100/channel-devices@200/network@1]
MTU : 1500 [1500-1500]
IPADDR : 0.0.0.0 /255.0.0.0
: fe80::214:4fff:fef8:5062/ffc0::
MAC_ADDRS : 00:14:4f:f8:50:62

net6 VNET ETHER up 0 -- ldg1-vsw1/vnet2_ldg1
[/virtual-devices@100/channel-devices@200/network@2]
MTU : 1500 [1500-1500]
IPADDR : 0.0.0.0 /255.0.0.0
: fe80::214:4fff:fef8:af92/ffc0::
MAC_ADDRS : 00:14:4f:f8:af:92

aggr2 AGGR ETHER unknown 0 net1,net3 --
MODE : TRUNK
POLICY : L2,L3
LACP_MODE : ACTIVE
MEMBER : net1 [PORTSTATE = attached]
MEMBER : net3 [PORTSTATE = attached]
MAC_ADDRS : a0:36:9f:0a:c5:d2

ldoms-vsw0.vport3 VNIC ETHER unknown 0 -- ldg1-vsw1/vnet2_ldg1
MTU : 1500 [576-1500]
MAC_ADDRS : 00:14:4f:f8:af:92

ldoms-vsw0.vport2 VNIC ETHER unknown 0 -- ldg1-vsw1/vnet1_ldg1
MTU : 1500 [576-1500]
MAC_ADDRS : 00:14:4f:f8:50:62

ldoms-vsw0.vport1 VNIC ETHER unknown 0 -- ldg1-vsw1/vnet2_ldg3
MTU : 1500 [576-1500]
MAC_ADDRS : 00:14:4f:f9:d3:88

ldoms-vsw0.vport0 VNIC ETHER unknown 0 -- ldg1-vsw1/vnet2_ldg2
MTU : 1500 [576-1500]
MAC_ADDRS : 00:14:4f:fa:47:f4
: 00:14:4f:f9:65:b5
: 00:14:4f:f9:60:3f

Example 16 List Network Device Statistics

The following example shows the default network statistics for all the
domains in the system.

primary# ldm list-netstat
DOMAIN
primary

NAME IPACKETS RBYTES OPACKETS OBYTES
---- -------- ------ -------- ------
net3 0 0 0 0
net0 2.72M 778.27M 76.32K 6.01M
net4 2.72M 778.27M 76.32K 6.01M
net6 2 140 1.30K 18.17K
net7 0 0 0 0
net2 0 0 0 0
net1 0 0 0 0
aggr1 0 0 0 0
ldoms-vsw0.vport0 935.40K 74.59M 13.15K 984.43K
ldoms-vsw0.vport1 933.26K 74.37M 11.42K 745.15K
ldoms-vsw0.vport2 933.24K 74.37M 11.46K 747.66K
ldoms-vsw1.vport1 202.26K 17.99M 179.75K 15.69M
ldoms-vsw1.vport0 202.37K 18.00M 189.00K 16.24M
------------------------------------------------------------------------------
DOMAIN
ldg1

NAME IPACKETS RBYTES OPACKETS OBYTES
---- -------- ------ -------- ------
net0 5.19K 421.57K 68 4.70K
net3 0 0 2.07K 256.93K
net4 0 0 4.37K 560.17K
net1 0 0 2.29K 303.24K
net5 149 31.19K 78 17.00K
net6 147 30.51K 78 17.29K
aggr2 0 0 0 0
ldoms-vsw0.vport3 162 31.69K 52 14.11K
ldoms-vsw0.vport2 163 31.74K 51 13.76K
ldoms-vsw0.vport1 176 42.99K 25 1.50K
ldoms-vsw0.vport0 158 40.19K 45 4.42K
------------------------------------------------------------------------------
DOMAIN
ldg2

NAME IPACKETS RBYTES OPACKETS OBYTES
---- -------- ------ -------- ------
net0 5.17K 418.90K 71 4.88K
net1 2.70K 201.67K 2.63K 187.01K
net2 132 36.40K 1.51K 95.07K
------------------------------------------------------------------------------
DOMAIN
ldg3

NAME IPACKETS RBYTES OPACKETS OBYTES
---- -------- ------ -------- ------
net0 5.16K 417.43K 72 4.90K
net1 2.80K 206.12K 2.67K 190.36K
net2 118 35.00K 1.46K 87.78K

Example 17 List Dependencies

The following example shows detailed domain dependency information by
specifying the -l option.

primary# ldm list-dependencies -l
DOMAIN DEPENDENCY TYPE DEVICE
primary
svcdom
ldg0 primary VDISK primary-vds0/vdisk0
VNET primary-vsw0/vnet0
svcdom VDISK svcdom-vds0/vdisk1
VNET svcdom-vsw0/vnet1
ldg1 primary VDISK primary-vds0/vdisk0
VNET primary-vsw0/vnet0
IOV /SYS/MB/NET0/IOVNET.PF0.VF0
svcdom VDISK svcdom-vds0/vdisk1
VNET svcdom-vsw0/vnet1
IOV /SYS/MB/NET2/IOVNET.PF0.VF0

The following example shows detailed information about dependents
grouped by their dependencies by specifying both the -l and -r options.

primary# ldm list-dependencies -r -l
DOMAIN DEPENDENT TYPE DEVICE
primary ldg0 VDISK primary-vds0/vdisk0
VNET primary-vsw0/vnet0
ldg1 VDISK primary-vds0/vdisk0
VNET primary-vsw0/vnet0
IOV /SYS/MB/NET0/IOVNET.PF0.VF0
svcdom ldg0 VDISK svcdom-vds0/vdisk1
VNET svcdom-vsw0/vnet1
ldg1 VDISK svcdom-vds0/vdisk1
VNET svcdom-vsw0/vnet1
IOV /SYS/MB/NET2/IOVNET.PF0.VF0

Example 18 List Resource Groups

The following example lists information about the contents of each
resource group.

primary# ldm list-rsrc-group
NAME CORE MEMORY IO
/SYS/CMU1 12 512G 4
/SYS/CMU2 12 512G 4
/SYS/CMU3 12 512G 4

The following example lists detailed information about the contents of
the /SYS/CMU1 resource group.

primary# ldm list-rsrc-group -l /SYS/CMU1
NAME CORE MEMORY IO
/SYS/CMU1 12 512G 4
CORE
BOUND CID
primary (64,66,68,70,72,74,80,82,84,86,88,90)
MEMORY
PA SIZE BOUND
0x201ff0000000 256M _sys_
0x20000e400000 412M _sys_
0x200000000000 102M _sys_
0x200006600000 32M _sys_
0x200030000000 129792M primary
0x280000000000 128G primary
IO
DEVICE PSEUDONYM BOUND
pci@500 pci_8 primary
pci@540 pci_9 primary
pci@580 pci_10 primary
pci@5c0 pci_11 primary

Example 19 Obtaining Inter-Vnet Link Status

The following examples show information about whether inter-vnet links
are enabled or disabled when inter-vnet-link=auto.

o This example ldm list -o network output shows that inter-
vnet-link=auto for primary-vsw1 and that the number of vir-
tual networks is less than or equal to the maximum specified
by the ldmd/auto_inter_vnet_link_limit SMF property. As a
result, inter-vnet links are enabled. So, the value of the
INTER-VNET-LINK field is on/auto.

# ldm list -o network primary
NAME
primary

MAC
00:21:28:c1:40:5e

VSW
NAME MACADDRESS NET-DEV DVID|PVID|VIDs
---- ---------- ------- --------------
primary-vsw0 00:14:4f:fb:e8:d8 net0 1|1|--
DEVICE :switch@0 ID :0
LINKPROP :-- MTU :1500
INTER-VNET-LINK :on MODE :--

primary-vsw1 00:14:4f:f9:b6:21 -- 1|1|--
DEVICE :switch@1 ID :1
LINKPROP :-- MTU :1500
INTER-VNET-LINK :on/auto MODE :--

o This example ldm list -o network output shows that inter-
vnet-link=auto for primary-vsw1 and that the number of vir-
tual networks exceeds the maximum specified by the
ldmd/auto_inter_vnet_link_limit SMF property. As a result,
inter-vnet links are disabled. So, the value of the INTER-
VNET-LINK field is off/auto.

# ldm list -o network primary
NAME
primary

MAC
00:21:28:c1:40:5e

VSW
NAME MACADDRESS NET-DEV DVID|PVID|VIDs
---- ---------- ------- --------------
primary-vsw0 00:14:4f:fb:e8:d8 net0 1|1|--
DEVICE :switch@0 ID :0
LINKPROP :-- MTU :1500
INTER-VNET-LINK :on MODE :--

primary-vsw1 00:14:4f:f9:b6:21 -- 1|1|--
DEVICE :switch@1 ID :1
LINKPROP :-- MTU :1500
INTER-VNET-LINK :off/auto MODE :--

Example 20 Creating Virtual Switches and Virtual Networks that Report
Link States

o The following example adds the ldg1-vsw0 virtual switch to
the ldg1 guest domain. The virtual switch has a net-dev
value of net1. By default, the virtual switch has
linkprop=phys-state.

primary# ldm add-vsw net-dev=net1 ldg1-vsw0 ldg1
primary# ldm list -o network ldg1
...
VSW
NAME MACADDRESS NET-DEV DVID|PVID|VIDs
---- ---------- ------- --------------
ldg1-vsw0 00:14:4f:f8:3e:af net1 1|1|--
DEVICE :switch@0 ID :0
LINKPROP :phys-state MTU :1500
INTER-VNET-LINK :on/auto MODE :--
...

o The following example adds the ldg1-vnet1 virtual network to
the ldg1-vsw0 virtual switch on the ldg1 guest domain. By
default, the virtual network has linkprop=phys-state.

primary# ldm add-vnet ldg1-vnet1 ldg1-vsw0 ldg1
primary# ldm list -o network ldg1
...
NETWORK

NAME SERVICE MACADDRESS PVID|PVLAN|VIDs
---- ------- ---------- ---------------
ldg1-vnet1 ldg1-vsw0@ldg1 00:14:4f:fb:86:00 1|--|--
DEVICE :network@1 ID :1
LINKPROP :phys-state MTU :1500
MAXBW :-- MODE :--
CUSTOM :disable
PRIORITY :-- COS :--
PROTECTION :--
...

o The following example adds the ldg1-vnet2 virtual network to
the primary-vsw0 virtual switch on the ldg1 guest domain.
Even though primary-vsw0 does not have linkprop=phys-state,
the ldg1-vnet2 virtual network has linkprop=phys-state by
default.

primary# ldm add-vnet ldg1-vnet2 primary-vsw0 ldg1
primary# ldm list -o network ldg1
...
VSW
NAME MACADDRESS NET-DEV DVID|PVID|VIDs
---- ---------- ------- --------------
primary-vsw0 00:14:4f:f8:3c:a0 net0 1|1|--
DEVICE :switch@0 ID :0
LINKPROP :-- MTU :1500
INTER-VNET-LINK :on/auto MODE :--

NETWORK
NAME SERVICE MACADDRESS PVID|PVLAN|VIDs
---- ------- ---------- ---------------
ldg1-vnet2 primary-vsw0@primary 00:14:4f:fa:b0:bd 1|--|--
DEVICE :network@2 ID :2
LINKPROP :phys-state MTU :1500
MAXBW :-- MODE :--
CUSTOM :disable
PRIORITY :-- COS :--
PROTECTION :--
...

Example 21 Listing Custom Property Values

The following ldm list command shows a configuration that has the cus-
tom property set to enable, custom-max-mac-addrs=3, and custom-max-
vlans=3.

primary# ldm list ldg1
...
NAME SERVICE MACADDRESS PVID|PVLAN|VIDs
---- ------- ---------- ---------------
temp primary-vsw0@primary 00:14:4f:fb:03:fd 1|--|--
DEVICE :network@4 ID :4
LINKPROP :phys-state MTU :1500
MAXBW :-- MODE :--
CUSTOM :enable
MAX-CUSTOM-MACS:3 MAX-CUSTOM-VLANS:3
PRIORITY :-- COS :--
PROTECTION :--
...

EXIT STATUS
The following exit values are returned:

0 Successful completion.

>0 An error occurred.

ATTRIBUTES
See the attributes(7) man page for a description of the following
attributes.

+-------------------------------------------------------------+
|Attribute Type Attribute Value |
+-------------------------------------------------------------+
|Availability pkg:/system/ldoms/ldomsmanager |
+-------------------------------------------------------------+
|Interface Stability Uncommitted |
+-------------------------------------------------------------+

SEE ALSO
attributes(7), dumpadm(8), ifconfig(8), shutdown(8), vntsd(8)

Oracle VM Server for SPARC 3.6 Administration Guide

August 2018 ldm(8)