Oracle^® VM Server for SPARC 3.5 Administration Guide

Using Virtual NICs on Virtual Networks

The Oracle Solaris 11 OS enables you to define virtual networks that consist of virtual network interface cards (VNICs), virtual switches, and etherstubs. Oracle Solaris Zones virtualize operating system services and provide isolated and secure environments for running applications within the same Oracle Solaris OS instance of a logical domain.

Oracle Solaris 11 improves on the Oracle Solaris 10 “shared IP” zone model in which zones inherit network properties from the global zone and cannot set their own network address or other properties. Now, by using zones with virtual network devices, you can configure multiple isolated virtual NICs, associate zones with each virtual network, and establish rules for isolation, connectivity, and quality of service (QoS).

For more information, see the networking books in the Oracle Solaris 11.3 information library (http://docs.oracle.com/cd/E53394_01/).

A virtual network device in a logical domain can support multiple Oracle Solaris 11 virtual NICs. The virtual network device must be configured to support multiple MAC addresses, one for each virtual NIC it will support. Oracle Solaris zones in the logical domain connect to the virtual NICs.

Virtual NICs on Virtual Network Devices shows a logical domain, domain1, that provides a single virtual network device called vnet1 to the Oracle Solaris OS. This virtual network device can host multiple Oracle Solaris 11 virtual network devices, each of which has its own MAC address and can be assigned individually to a zone.

Within the domain1 domain are Oracle Solaris 11 zones: zone1 and zone2. Each zone is connected to the network by a virtual NIC based on the vnet1 virtual network device.

Figure 25  Virtual NICs on Virtual Network Devices

The following sections describe the configuring of virtual NICs on virtual network devices and the creating of zones in the domain with the virtual NICs:

• Configuring Virtual NICs on Virtual Network Devices

• Creating Oracle Solaris 11 Zones in a Domain

For information about using virtual NICs on Ethernet SR-IOV virtual functions, see the following sections:

• Creating Ethernet Virtual Functions

• Modifying Ethernet SR-IOV Virtual Functions

• Creating VNICs on SR-IOV Virtual Functions

Configuring Virtual NICs on Virtual Network Devices

To configure virtual NICs on virtual network devices, the control domain must run at least Oracle Solaris 11.1 SRU 4 OS and the guest domain must run at least the Oracle Solaris 11.1 OS.

To configure a virtual network device to host multiple MAC addresses, use the ldm add-vnet or ldm set-vnet command to specify one or more comma-separated values for the alt-mac-addrs property. Valid values are an octet MAC address and auto. The auto value indicates that the system generates the MAC address.

For example, you can specify three system-generated alternate MAC addresses for a virtual network device in either of the following ways:

• By using the ldm add-vnet command. The following ldm add-vnet command creates the vnet1 virtual network device on the domain1 domain and makes three system-generated MAC addresses available to the device.

  primary# ldm add-vnet alt-mac-addrs=auto,auto,auto vnet1 primary-vsw0 domain1

• By using a combination of the ldm add-vnet and ldm set-vnet commands. The following ldm add-vnet and ldm set-vnet commands show how to create a virtual network device and subsequently assign more MAC addresses to the existing virtual network device.

  The first command uses the ldm add-vnet command to create the vnet1 virtual network device on the domain1 domain. The second command uses the ldm set-vnet command to make three system-generated MAC addresses available to the vnet1 virtual network device.

  primary# ldm add-vnet vnet1 primary-vsw0 domain1
  primary# ldm set-vnet alt-mac-addrs=auto,auto,auto vnet1 domain1

Dynamically Updating Alternate MAC Addresses

You can use the ldm set-vnet command to perform an update on the alternate MAC address of a virtual network device dynamically. You can make this change when the update increases the total number of alternate MAC addresses of the virtual network device.

Both of the following commands are examples of dynamically adding an alternate MAC address to the vnet1 virtual network device on the ldg1 domain:

primary# ldm set-vnet alt-mac-addrs=+auto vnet1 ldg1

primary# ldm set-vnet auto-alt-mac-addrs=+1 vnet1 ldg1

The following ldm list output shows the MAC addresses that are associated with the vnet0 virtual network device on the ldg1 domain. 00:14:4f:f9:8a:c2 is the primary MAC address for vnet0 and 00:14:4f:f8:1c:a5 and 00:14:4f:f8:2c:22 are its two alternate MAC addresses.

primary# ldm list -o network ldg1
NETWORK
    NAME    SERVICE              MACADDRESS        PVID|PVLAN|VIDs
    ----    -------              ----------        ---------------
    vnet0   primary-vsw0@primary 00:14:4f:f9:8a:c2 1|--|--
                                 00:14:4f:f8:1c:a5
                                 00:14:4f:f8:2c:22

If you log in to the ldg1 domain, you can use the dladm show-phys -m command to view the MAC addresses that are associated with the net0 network device.

ldg1# dladm show-phys -m
LINK                SLOT     ADDRESS            INUSE CLIENT
net0                primary  0:14:4f:f9:8a:c2   yes   net0
                    1        0:14:4f:f8:1c:a5   no    --
                    2        0:14:4f:f8:2c:22   no    --

The dladm show-vnic command shows the alternate MAC address (00:14:4f:f8:2c:22) that is used to configure the virtual NIC:

ldg1# dladm show-vnic
LINK            OVER           SPEED  MACADDRESS        MACADDRTYPE IDS
vnic1           net0           0      0:14:4f:f8:2c:22  fixed       VID:0

While you can use the ldm set-vnet command to increase the number of alternate MAC addresses dynamically, you cannot update or remove existing alternate MAC addresses dynamically. If you modify or remove an alternate MAC address that is in use, the VNICs are left in an unusable state.

The following examples show the error you receive when attempting to dynamically remove or modify an existing alternate MAC addresses.

• The following example shows that attempting to dynamically remove the 00:15:4f:f9:41:c4 alternate MAC address from vnet2 on the ldg1 domain fails with an error:

  primary# ldm set-vnet alt-mac-addrs=-00:15:4f:f9:41:c4 vnet2 ldg1
  Please perform the operation while the LDom is bound or inactive

• The following example shows that attempting to modify an existing alternate MAC address with the auto value for vnet1 dynamically fails with an error:

  primary# ldm set-vnet alt-mac-addrs=auto vnet1 ldg1
  Please perform the operation while the LDom is bound or inactive

Creating Oracle Solaris 11 Zones in a Domain

After creating the virtual NICs in Configuring Virtual NICs on Virtual Network Devices, create a zone that is associated with an available MAC address. For information about Oracle Solaris Zones, see Creating and Using Oracle Solaris Zones.

Use the zonecfg command to specify a MAC address to use for a zone:

zonecfg:zone-name> set mac-address=[MAC-address,auto]

You can either specify a value of auto to choose one of the available MAC addresses automatically or provide a specific alternate MAC address that you created with the ldm set-vnet command.