Go to main content

man pages section 8: System Administration Commands

Exit Print View

Updated: Thursday, June 13, 2019
 
 

evsadm (8)

Name

evsadm - Creates and manages Elastic Virtual Switches (EVSes) and its resources, namely, IP networks (IPnets) and Virtual Ports (VPorts).

Synopsis

evsadm
evsadm set-prop -p <prop>=[<val>[,...]]
evsadm show-prop [[-c] -o <field>[,...]] [-p <prop>[,...]]
evsadm set-controlprop [-h host] -p {<prop>=[<val>[,...]]}[,...]
evsadm set-controlprop [-h host]
              -p uplink-port=<val>[,vlan-range=[<val>[,...]]]
                [,vxlan-range=[<val>[,...]]][,flat=yes|no]
evsadm show-controlprop [[-c] -o <field>[,...]] [-p <prop>[,...]]
evsadm create-evs [-T <tenantname>] [-p {<prop>=<val>[,...]}[,..]]
	  <evsname>
evsadm delete-evs [-T <tenantname>] <evsname>
evsadm show-evs [-f {<fname>=<val>[,...]}[,...]] [[-c] -o <field>[,...]]
	  [<evsname>]
evsadm add-ipnet [-T <tenantname>]
	  -p subnet=<val>[{,<prop>=<val>[,...]}[,...]] <evsname>/<ipnetname>
evsadm remove-ipnet [-T <tenantname>] <evsname>/<ipnetname>
evsadm show-ipnet [-f {<fname>=<val>[,...]}[,...]] [[-c] -o <field>[,...]]
	  [[<evsname>/][ipnetname]]
evsadm add-vport [-T <tenantname>] [-p {<prop>=val[,...]}[,...]]
	  <evsname>/<vportname>
evsadm remove-vport [-T <tenantname>] <evsname>/<vportname>
evsadm reset-vport [-T <tenantname>] <evsname>/<vportname>
evsadm show-vport [-f {<fname>=<val>[,...]}[,...]] [[-c] -o <field>[,...]]
	  [[<evsname>/][<vportname>]]
evsadm set-evsprop [-T <tenantname>] -p <prop>=[<val>[,...]]
<evsname>
evsadm show-evsprop [-f {<fname>=<val>[,...]}[,...]]
	  [[-c] -o <field>[,...]] [-p <prop>[,...]] [evsname]
evsadm set-vportprop [-T <tenantname>] -p <prop>=[<val>[,...]]
	  <evsname>/<vportname>
evsadm show-vportprop [-f {<fname>=<val>[,...]}[,...]]
	  [[-c] -o <field>[,...]] [-p <prop>[,...]] [[evsname/][vportname]]
evsadm set-ipnetprop [-T <tenantname>] -p <prop>=<val>
             <evsname>/<ipnetname>
evsadm show-ipnetprop [-f {<fname>=<val>[,...]}[,...]]
             [[-c] -o <field>[,...]] [-p <prop>[,...]] [[evsname/][ipnetname]]
evsadm help [subcommand-name]

Description

The evsadm command provides a set of subcommands to:

  • manage EVS

  • manage IP Network associated with EVS

  • manage virtual ports associated with EVS

Concepts

EVS

An Elastic Virtual Switch (EVS) is a virtual switch that spans one or more servers (physical machines). It represents an isolated L2 segment, and the L2 segment is implemented as Flat (untagged), VLAN or VXLAN. An EVS provides network connectivity between the Virtual Machines connected to it. There are two main resources associated with an EVS: IPnet and VPort.

IPnet

An IP network represents a block of either IPv4 or IPv6 addresses (that is, subnet) along with a default router for the block. Only one IPnet can be associated with an EVS. All the zones/VNICs that connect to the EVS, through a VPort, will get an IP address from the IPnet associated with the EVS.

VPort

A VPort represents the point of attachment between the VNIC and an EVS. It encapsulates various network configuration parameters such as, SLAs (maxbw, cos, and priority), IP address, and MAC address. This configuration is inherited by the VNIC when it connects to the VPort.

EVS Controller

Provides functionality for the configuration and administration of an EVS and all the resources associated with it. One controller should be used to manage all the EVSes in the network. The controller has properties associated with it that captures information that is necessary for implementing L2 segments across physical machines, and these properties can be administered through the set-controlprop subcommand. EVS Controller is implemented as a RAD module and exports RAD interfaces that are used by EVS clients.

EVS Manager

This is the entity that communicates with the EVS Controller to define L2 network topologies and the IP addresses used on those networks. So, evsadm(8) is an EVS Manager.

EVS Client

Through evsadm, using EVS, IPnet, and VPorts, one can define L2 network topologies and the IP addresses used on those networks. Then, use dladm(8) to connect the VNICs to these topologies or zonecfg(8) to connect the VNIC anets (therefore, zones) to these topologies. dladm(8) and zonecfg(8) form the clients of EVS controller, and they pull the information from the controller to retrieve VPort properties. (evsadm(8) was used to push the configuration into the controller to begin with). Note that both native and kernel zones are supported.

EVS Nodes

Any host that wants its VNICs or its Zone's VNIC anet resource to be part of an EVS. Existing tools, dladm(8), and zonecfg(8) have been modified to specify that the VNICs need to be part of an EVS.

Tenants

Tenants are used for namespace management. EVS and its resources defined within a tenant are not visible outside that tenant's namespace. It acts as a container to hold all the tenant's resources together.

Each evsadm subcommand operates on one of the above mentioned objects. The mapping is as shown below.

object
subcommands
EVS
create-evs, delete-evs, show-evs, set-evsprop, show-evsprop
IPnet
add-ipnet, remove-ipnet, show-ipnet, set-ipnetprop, show-ipnetprop
VPort
add-vport, remove-vport, show-vport, set-vportprop, show-vportprop, reset-vport
EVS Controller
set-controlprop, show-controlprop
EVS Client
set-prop, show-prop

An EVS, IPnet, and a VPort is identified by a name. The name cannot exceed more than 127 characters, and should be a combination of alphanumeric characters, along with '.' and '_'.

In addition, these names may also contain special delimiter characters '-'. These names indicate that the resources were created outside of evsadm. It contains a prefix (identifying the creator) followed by a '-' and a traditional resource name. For example sys-vport0, where, `sys' here means that the resource was created by system. This ensures that resources created using evsadm will never have naming conflicts. Accordingly, evsadm cannot be used to create resources that contain a '-'.

The evsadm command can run on any machine that can communicate with the machine running the EVS controller. It works along with a EVS controller to execute all the evsadm subcommands. Before using evsadm, one has to specify a hostname or the IP address of the EVS Controller. This can be done by setting the 'controller' property through 'set-prop' subcommand.

# evsadm set-prop -p controller=ssh://[username@]evs-controller.example.com
# evsadm show-prop
NAME            VALUE                              DEFAULT
controller      ssh://[username@]evs-controller.example.com   --

Where, the optional 'username' is an user assigned with Elastic Virtual Switch Administration RBAC profile (See prof_attr(5)). To simplify configuration, a user called 'evsuser' who has all the authorizations and privileges to perform EVS operations will be created when you install the mandatory EVS IPS package (service/network/evs). If you want to use the shipped 'evsuser', then you would set the controller property to:

# evsadm set-prop -p controller=ssh://evsuser@evs-controller.example.com

As you can see SSH is used to communicate with EVS controller. To make the communication non-interactive, you must setup SSH authentication with pre-shared public keys between the hosts (that is, the host where vsadm will be executed, and the EVS controller).


Note -  If EVS Manager, EVS Client, and EVS Controller are all on the same machine, then on that machine you can just use local connection (unix domain socket) instead of SSH on that machine, and set the controller property to UNIX RAD URI scheme like below:
# evsadm set-prop -p controller=unix://

Each subcommand of evsadm has options associated with it, and these options are described in the context of each subcommand below. Many of the subcommands have the following as a common option:

–T tenantname, –-tenant=tenantname

Specifies the name of the tenant in whose namespace the subcommand operation should apply. If not specified, then operation is assumed to be in the default tenant sys-global.

Required Rights Profile and Security Model

The user must have Elastic Virtual Switch Administration rights profile to execute the following subcommands:

create-evs      delete-evs   show-evs    set-evsprop show-evsprop
add-ipnet       remove-ipnet show-ipnet  set-ipnetprop show-ipnetprop	
add-vport       remove-vport show-vport  set-vportprop show-vportprop
reset-vport     set-prop                 set-controlprop

An user with Elastic Virtual Switch Observability rights profile can execute the following observability subcommands:

show-evs      show-evsprop    
show-ipnet    show-ipnetprop
show-vport    show-vportprop
show-prop     show-controlprop

Sub Commands


Note -  The evsadm command with no subcommand displays a concise summary of all the Elastic Virtual switches managed by the EVS controller. The display also contains IP networks and virtual ports associated with each of the EVS. See EXAMPLES, below, for more information.

The following subcommands are supported:

evsadm set-prop –p <prop>=[<val>[,...]]

Sets the values of a property for the host where the command is executed. The only supported property is 'controller'. Currently, this property only supports rad(8) SSH and UNIX URI schemes. See EXAMPLES, below, for more information.

–p <prop>=[<val>[,...]], -–prop <prop>=[<val>[,...]]

Name of the property to be set to the specified values. Only one property can be set at a time. Note that if <val> is not provided, the property will be reset to it's default value.

evsadm show-prop [[–c] –o <field>[,...]] [–p <prop>[,...]]

Show the current values of one or more properties for the current host. The only supported property is 'controller', and it specifies the EVS controller to connect to.

–o <field>[,...], -output=<field>[,...]

A case-insensitive, comma-separated list of output fields to display (Column selection). The field name must be one of the fields listed below, or the special value all to display all fields.

NAME

Name of the property

PERM

Permission of the property. It is either rw or r-.

VALUE

Value of the property

DEFAULT

Default value of the property

–c, –-parseable

Display using a stable machine-parseable format. The –o option is required with –c. See Parseable Output Format, below.

evsadm set-controlprop [–h host] –p uplink-port=<val>[,vlan-range=[<val>[,...]]] [,vxlan-range=[<val>[,...]]] [,flat=yes|no]

Modifies the EVS controller's property to the value specified by the user. For the list of Controller properties and their possible values see the, Controller Properties section below. These properties can be retrieved using show-controlprop subcommand.

While setting an uplink-port property, one can optionally specify vlan-range, vxlan-range, or flat. If vlan-range is specified, then it means that the corresponding uplink-port will support those VLAN IDs. If vxlan-range is specified, then it means that the corresponding uplink-port will support those VXLAN IDs. If flat is specified, then it means that the corresponding uplink-port will support flat network type. If an EVS Node has multiple uplink ports, then vlan-range, vxlan-range, and flat facilitates in uniquely identifying a single uplink-port to create VNICs for that EVS Node. Please refer to EXAMPLES section for more information.

To reset property values, set the property with an empty value.

One can set the controller's properties from any of the EVS components as long as the controller is accessible from that component.

–h, –-host

The property being set is applicable only to the specified host

–p <prop>=[<val>[,...]], –-prop <prop>=[<val>[,...]]
–p uplink-port=<val>[,vlan-range=[<val>[,...]]] [,vxlan-range=[<val>[,...]]][,flat=yes|no]

Name of the controller property to be set to the specified values on the EVS controller. If the property takes multiple values, then the values should be specified with a comma as the delimiter. Only one property can be specified at a time. Note that if <val> is not provided, the property will be reset to it's default value.

If the property being set is uplink-port, then one can specify additional metadata through vlan-range, vxlan-range, and flat.

evsadm show-controlprop [[–c] –o <field>[,...]] [–p <prop>[,...]]

Show the current values of one or more properties for the controller. If no properties are specified, then all available Controller properties are displayed. For list of Controller properties see the, Controller Properties section below.

–o <field>[,...], –-output=<field>[,...]

A case-insensitive, comma-separated list of output fields to display (Column selection). The field name must be one of the fields listed below, or the special value all to display all fields.

PROPERTY

Name of controller property

PERM

Permission of controller property

VALUE

Value of controller property

DEFAULT

Default value of controller property

HOST

If the value is '--', then the property applies to all the hosts, or is of global scope. Otherwise, it specifies that the property is applicable to that particular host.

VLAN_RANGE

Represents a comma separated range of VLAN IDs that will be served by the corresponding uplink-port. This field will have value only for uplink-port and for the rest of the properties '--' will be shown.

VXLAN_RANGE

Represents a comma separated range of VXLAN IDs that will be served by the corresponding uplink-port. This field will have value only for uplink-port or vxlan-addr and for the rest of the properties '--' will be shown.

FLAT

Specifies if a given uplink-port supports Flat (untagged) network type. The displayed values will be yes or no.

–c, –-parseable

Display using a stable machine-parseable format. The –o option is required with –c. See the, Parseable Output Format section below.

evsadm create-evs [–T <tenantname>] [–p {<prop>=<val>[,...]}[,..]] <evsname>

Create an EVS with name evsname. If a tenant name is specified, then the EVS is created within the namespace of that tenant otherwise it will be created in the default tenant sys-global.

–T, –-Tenant

See the CONCEPTS section above for more information on –T option.

–p {<prop>=<val>[,...]}[,..], –-prop {<prop>=<val>[,...]}[,..]

A comma-separated list of EVS properties to set to the specified values on the EVS being created. Please see, EVS Properties section below for more information on the supported properties.

evsadm delete-evs [–T <tenantname>] <evsname>

Deletes the specified EVS. This operation fails if any one of the VPort is in use. A VPort is in use if it has a VNIC connected to it. If none of the VPorts are in use, then this operation will delete all the VPorts and IPnets associated with the EVS. The STATUS field in show-evs output displays whether an EVS is busy or idle.

–T, –-Tenant

See the CONCEPTS section above for more information on –T option.

evsadm show-evs [–f {<fname>=<val>[,...]}[,...]] [[–c] –o <field>[,...]] [<evsname>]

Show EVS information either for all the EVSes managed by the EVS controller or for the specified EVS.

–f {<fname>=<val>[,...]}[,...], –-filter {<fname>=<val>[,...]}[,...]

A comma-separated name-value pairs used to filter the output (Row selection). If multiple filters are specified, then the displayed output is a result of AND operation among the filters. If the filter value is multi-valued, then the displayed output is a result of OR operation among the filter values. The supported filters are:

tenant

Filters the EVS by tenant name

evs

Filters the EVS by EVS name

host

Filters the EVS by host name

ipnet

Filters the EVS by ipnet name

vport

Filters the EVS by vport name


Note -  EVSes can be filtered by their property names. So, all EVS properties are valid filters. For list of EVS properties, see the EVS Properties section below.
–L, –-l2-type

An EVS represents an isolated L2 segment. To implement or realize this, Flat (untagged), VLAN or VXLAN will be used. This option provides that information through following fields.

EVS

Name of the EVS

TENANT

Name of the tenant that owns the EVS

L2TYPE

Type of L2 network

VID

VLAN ID used to implement the EVS

VNI

VXLAN segment ID used to implement the EVS

–o <field>[,...], –-output=<field>[,...]

A case-insensitive, comma-separated list of output fields to display (Column selection). The field name must be one of the fields listed below, or the special value all to display all fields.

EVS

Name of the EVS

TENANT

Name of the tenant that owns the EVS

STATUS

Whether EVS is idle or busy. EVS is busy if it has atleast one VPort that has VNIC connected to it.

NVPORTS

Number of virtual ports associated with the EVS.

IPNETS

The list of IP networks associated with the EVS. Currently only one IP network can be associated with an EVS.

HOST

The list of hosts that the EVS spans across.

–c, –-parseable

Display using a stable machine-parseable format. The –o option is required with –c. See Parseable Output Format, below.

evsadm add-ipnet [–T <tenantname>] –p subnet=<val>[{,<prop>=<val>[,...]}[,...]] <evsname>/<ipnetname>

Add an ipnet with name ipnetname for the given EVS evsname. If tenant name is specified, then the ipnet will be associated with the EVS evsname in tenant tenantname namespace.

–T, –-Tenant

See the CONCEPTS section above for more information on –T option.

–p {<prop>=<val>[,...]}[,..], –-prop {<prop>=<val>[,...]}[,..]

A comma-separated list of IPnet properties to set to the specified values on the EVS being created. Please see IPnet Properties section below for more information on the supported properties. Note that 'subnet' is a required property and operation fails if it's not specified.

evsadm remove-ipnet [–T <tenantname>] <evsname>/<ipnetname>

Removes the specified ipnet ipnetname from an EVS evsname. This operation fails if any one of the VPorts is in use. A VPort is in use if it has a VNIC connected to it.

–T, –-Tenant

See the CONCEPTS section above for more information on –T option.

evsadm show-ipnet [–f {<fname>=<val>[,...]}[,...]] [[–c] –o <field>[,...]] [ipnetname]

Show IPnet information either for all the IPnets managed by the EVS controller or for the specified IPnet.

–f {<fname>=<val>[,...]}[,...], -filter {<fname>=<val>[,...]}[,...]

A comma-separated name-value pairs used to filter the output (Row selection). If multiple filters are specified, then the displayed output is a result of AND operation among the filters. If the filter value is multi-valued, then the displayed output is a result of OR operation among the filter values. The supported filters are:

tenant

Filters the ipnet by tenant name

evs

Filters the ipnet by EVS name

ipnet

Filters the ipnet by ipnet name

host

Filters the ipnet by host name

IPnets can be filtered by their property names. So, all IPnet properties are valid filters. For the list of IPnet properties, see the IPnet Properties section below.

–o <field>[,...], –-output=<field>[,...]

A case-insensitive, comma-separated list of output fields to display (Column selection). The field name must be one of the fields listed below, or the special value all to display all fields.

NAME

Name of the ipnet along with name of the EVS with which it is associated. It's of the form evsname/ipnetname.

IPNET

Name of the ipnet

EVS

Name of the EVS

TENANT

The name of the tenant that owns the EVS.

SUBNET

Represents the subnet (either IPv4 or IPv6) for this IPnet.

START

Start address of the IP address range.

END

End address of the IP address range.

DEFROUTER

The IP address of the default router for the given ipnet.

AVAILRANGE

A comma-separated list of available IP addresses that can be assigned to VPort.

–c, –-parseable

Display using a stable machine-parseable format. The –o option is required with –c. See Parseable Output Format, below.

evsadm add-vport [–T <tenantname>] [–p {<prop>=val[,...]}[,...]] <evsname>/<vportname>

Add a VPort with name vportname for the given EVS evsname. If tenant name is specified, then the VPort will be associated with the EVS evsname in tenant tenantname namespace.

When a VPort is created, it will be assigned a random MAC address and an IP address from the ipnet address range. Therefore, it's absolutely necessary to associate an IPnet with an EVS before adding VPorts to it.

Note that it is not necessary to add a VPort to an EVS. When a VNIC is being created, it's just sufficient to give the EVS name to connect the VNIC to. In such cases, the controller will generate a system VPort (identified by the prefix 'sys-' in VPort name), and it inherits the EVS properties.

The advantage of explicitly creating a VPort is that you can specify the desired properties for that VPort while creating one, and you can also modify them after creation. On the other hand one can neither specify nor modify the properties of system VPorts.

–T, –-Tenant

See the CONCEPTS section above for more information on –T option.

–p {<prop>=<val>[,...]}[,..]

A comma-separated list of VPort properties to set to the specified values on the VPort being created. Please see Virtual Port Properties section below for more information on the supported properties.

evsadm remove-vport [–T <tenantname>] <evsname>/<vportname>

Removes the specified VPort. When a VPort is removed, the IP address and the MAC address associated with the VPort is released.

Note that if there is a VNIC associated with this VPort, then the removal of the VPort fails.

–T, –-Tenant

See the CONCEPTS section above for more information on –T option.

evsadm reset-vport [–T <tenantname>] <evsname>/<vportname>

Resets the specified VPort. When a VPort is associated with a VNIC which actually does not exist, you can release this VPort by resetting it. A system VPort will be deleted on reset.

–T, –-Tenant

See the CONCEPTS section above for more information on –T option.

evsadm show-vport [–f {<fname>=<val>[,...]}[,...]] [[–c] –o <field>[,...]] [[<evsname>/][<vportname>]]

Show VPort information either for all the VPorts managed by the EVS controller or for the specified VPort.

–f {<fname>=<val>[,...]}[,...], –-filter {<fname>=<val>[,...]}[,...]

A comma-separated name-value pairs used to filter the output (Row selection). If multiple filters are specified, then the displayed output is a result of AND operation among the filters. If the filter value is multi-valued, then the displayed output is a result of OR operation among the filter values. The supported filters are:

tenant

Filters the VPort by tenant name

evs

Filters the VPort by EVS name

vport

Filters the VPort by VPort name

host

Filters the VPort by host name

VPorts can be filtered by their property names. So, all VPort properties are valid filters. For list of VPort properties see the VPort Properties section below.

–o <field>[,...], –-output=<field>[,...]

A case-insensitive, comma-separated list of output fields to display (Column selection). The field name must be one of the fields listed below, or the special value all to display all fields.

NAME

Name of the VPort along with name of the EVS with which it is associated. It's of the form evsname/vportname.

VPORT

Name of the VPort

EVS

Name of the EVS

TENANT

Name of the tenant that owns the EVS

STATUS

Whether VPort is used or free. A VPort is used if it has a VNIC associated with it. Otherwise it's free.

VNIC

Name of the VNIC associated with the VPort.

HOST

The host that has the VNIC associated with the VPort.

–c, –-parseable

Display using a stable machine-parseable format. The –o option is required with –c. See Parseable Output Format, below.

evsadm set-evsprop [–T <tenantname>] –p <prop>=[<val>[,...]] <evsname>

Sets the values of a property on the specified evsname. For the list of EVS properties and their possible values please see the EVS Properties section below. These properties can be retrieved using show-evsprop subcommand.

–T, –-Tenant

See the CONCEPTS section above for more information on –T option.

–p <prop>=[<val>[,...]], –-prop <prop>=[<val>[,...]]

Name of the property to set to the specified values. Note that if <val> is not provided, the property will be reset to its default value.

evsadm show-evsprop [–f {<fname>=<val>[,...]}[,...] [[–c] –o <field>[,...]] [–p <prop>[,...]] [evsname]

Show the current values of one or more properties, either for all EVS or for the specified EVS. If no properties are specified, then all available EVS properties are displayed. For list of EVS properties see the EVS Properties section below.

–f {<fname>=<val>[,...]}[,...], –-filter {<fname>=<val>[,...]}[,...]

A comma-separated name-value pairs used to filter the output (Row selection). If multiple filters are specified, then the displayed output is a result of AND operation among the filters. If the filter value is multi-valued, then the displayed output is a result of OR operation among the filter values. The supported filters are:

tenant

Filters the EVS by tenant name

evs

Filters the EVS by EVS name

host

Filters the EVS by host name

–o <field>[,...], –-output=<field>[,...]

A case-insensitive, comma-separated list of output fields to display (Column selection). The field name must be one of the fields listed below, or the special value all to display all fields.

EVS

Name of the EVS

TENANT

Name of the tenant that owns the EVS

PROPERTY

Name of the EVS property

PERM

The read/write permissions of the property. The value shown is one of r- or rw.

VALUE

The current property value. If the value is not set, it is shown as '--'. If it is unknown, the value is shown as '?'.

EFFECTIVE

The effective property value chosen by the system. The system selects the VPort property in the following order:

  1. The current VPort property value

  2. The current EVS property value

  3. The default VPort property value

DEFAULT

The default value of the property. If the property has no default value, '--' is shown.

POSSIBLE

A comma-separated list of the values the property can have. If the values span a numeric range, min - max might be shown as shorthand. If the possible values are unknown or unbounded, '--' is shown.

evsadm set-vportprop [–T <tenantname>] –p <prop>=[<val>[,...]] <evsname>/<vportname>

Sets the values of a property on the specified vportname. For the list of VPort properties and their possible values see the Virtual Port Properties section below. These properties can be retrieved using show-vportprop subcommand.

If the VPort has a VNIC connected to it, then setting the property on that VPort results in change of VNIC's property as well.

Note that changing the property of system VPort is not allowed. For more information on system VPort see add-vport subcommand.

–T, –-Tenant

See the CONCEPTS section above for more information on –T option.

–p <prop>=[<val>[,...]], –-prop <prop>=[<val>[,...]]

Name of the property to set to the specified values. Note that if <val> is not provided, the property will be reset to its default value.

evsadm show-vportprop [–f {<fname>=<val>[,...]}[,...] [[–c] –o <field>[,...]] [–p <prop>[,...]] [[evsname/][vportname]]

Show the current values of one or more properties, either for all VPorts or for the specified VPort. If no properties are specified, then all available VPort properties are displayed. For list of VPort properties see the Virtual Port Properties section below.

[–f {<fname>=<val>[,...]}[,...], –-filter <fname>=<val>[,...]

A comma-separated name-value pairs used to filter the output (Row selection). If multiple filters are specified, then the displayed output is a result of AND operation among the filters. If the filter value is multi-valued, then the displayed output is a result of OR operation among the filter values. The supported filters are:

tenant

Filters VPort by tenant name

evs

Filters VPort by EVS name

vport

Filters VPort by VPort name

host

Filters VPort by host name

–o <field>[,...], –-output=<field>[,...]

A case-insensitive, comma-separated list of output fields to display (Column selection). The field name must be one of the fields listed below, or the special value all to display all fields.

NAME

Name of the VPort along with name of the EVS with which it is associated. It's of the form evsname/vportname.

VPORT

Name of the VPort

EVS

Name of the EVS

TENANT

Name of the tenant that owns the EVS

PROPERTY

Name of the VPort property

PERM

The read/write permissions of the property. The value shown is one of r- or rw.

VALUE

The current property value. If the value is not set, it is shown as '--'. If it is unknown, the value is shown as '?'.

DEFAULT

The default value of the property. If the property has no default value, '--' is shown.

POSSIBLE

A comma-separated list of the values the property can have. If the values span a numeric range, min - max might be shown as shorthand. If the possible values are unknown or unbounded, '--' is shown.

evsadm set-ipnetprop [–T <tenantname>] –p {<prop>=[<val>[,...]]}[,...] <evsname>/<ipnetname>

Sets the values of a property on the specified ipnetname. For the list of IPnet properties and their possible values see the IP network Properties section below. These properties can be retrieved using show-ipnetprop subcommand.

–T, –-Tenant

See the CONCEPTS section above for more information on –T option.

–p <prop>=[<val>[,...]], –-prop <prop>=[<val>[,...]]

Name of the property to set to the specified values. Note that if <val> is not provided, the property will be reset to its default value.

evsadm show-ipnetprop [–f {<fname>=<val>[,...]}[,...] [[–c] –o <field>[,...]] [–p <prop>[,...]] [[evsname/][ipnetname]]

Shows the current values of one or more properties, either for all IPnets or for the specified IPnet. If no properties are specified, then all available IPnet properties are displayed. For list of IPnet properties see the IP Network Properties section below.

[–f {<fname>=<val>[,...]}[,...], –-filter <fname>=<val>[,...]

A comma-separated name-value pairs used to filter the output (Row selection). If multiple filters are specified, then the displayed output is a result of AND operation among the filters. If the filter value is multi-valued, then the displayed output is a result of OR operation among the filter values. The supported filters are:

tenant

Filters IPnet by tenant name

evs

Filters IPnet by EVS name

ipnet

Filters IPnet by IPnet name

host

Filters IPnet by host name

–o <field>[,...], –-output=<field>[,...]

A case-insensitive, comma-separated list of output fields to display (Column selection). The field name must be one of the fields listed below, or the special value all to display all fields.

NAME

Name of the IPnet along with name of the EVS with which it is associated. It is of the form evsname/ipnetname

IPNET

Name of the IPNET

EVS

Name of the EVS

TENANT

Name of the tenant that owns the EVS

PROPERTY

Name of the IPnet property

PERM

The read/write permissions of the property. The value shown is one of r- or rw

VALUE

The current property value. If the value is not set, it is shown as '--'. If it is unknown, the value is shown as '?'

DEFAULT

The default value of the property. If the property has no default value, '--' is shown

POSSIBLE

A comma-separated list of the values the property can have. If the values span a numeric range, min - max might be shown as shorthand. If the possible values are unknown or unbounded, '--' is shown.

evsadm help [subcommand-name]

Displays all the supported evsadm subcommands or usage for a given subcommand. If you invoke help for a specific subcommand, the command syntax is displayed. Using evsadm help without any argument displays all of the supported subcommands.

Parseable Output Format

Many evsadm subcommands have an option that displays output in a machine-parseable format. The output format is one or more lines of colon (:) delimited fields. The fields displayed are specific to the subcommand used and are listed under the entry for the –o option for a given subcommand. Output includes only those fields requested by means of the –o option, in the order requested.

When you request multiple fields, any literal colon characters are escaped by a backslash (\) before being output. Similarly, literal backslash characters will also be escaped (\\). This escape format is parseable by using shell read(1) functions with the environment variable IFS=: (see EXAMPLES, below). Note that escaping is not done when you request only a single field.

Controller Properties

These properties hold information that are essential for implementation of virtual switches or L2 segments across physical machines. For most properties, the scope or applicability is entire data center or global in nature. However, there are some properties, namely, uri, uplink-port and vxlan-addr, whose values can be overridden on a per-host basis.

l2-type

Defines how an EVS will be implemented across physical machines. The possible values are "flat" (Untagged), "vlan", or "vxlan". By default the l2-type is "vlan". Note that, changing a l2-type will not effect those EVSes that were created prior to change. Only the EVSes created after the change will have new l2-type. This means that L2 segments based off Flat, VLAN and VXLAN can co-exist.

To realize Flat, all the VPorts of an EVS will be on the same network (which can also be shared with the hosts). The packets are are not tagged on such VPorts. All the VNICs (and thus VM instances) that connect to a flat l2-type EVS are created with VLAN ID set to 0. Such EVSes will be used to map directly to the existing physical networks.

To realize VLAN, all the VPorts of an EVS will be associated with the same VLAN ID. VLAN ID to use comes from the vlan-range property. This l2-type assumes that the physical network has been configured to send/receive packets on those VLANs or that a protocol like GVRP has been enabled in Oracle Solaris and on the switch fabric. Minimally, vlan-range and uplink-port must be specified. Otherwise, EVSes creation will fail.

To realize VXLAN, all the VPorts of an EVS will be associated with the same VXLAN ID. VXLAN ID to use comes from the vxlan-range property. Other VXLAN properties such as vxlan-addr, vxlan-group, vxlan-ipvers, and uplink-port influence how VXLAN will be created. Minimally, vxlan-range and either uplink-port or vxlan-addr must be specified. Otherwise EVSes creation will fail.

vlan-range

Comma-separated list of VLAN ID ranges that will be used for creating EVS. One VLAN ID will be consumed for every EVS created. VLAN ID provides isolation of packets between EVSes. Valid values are [1-4094].

vxlan-range

Comma-separated list of VXLAN segment number ranges that can be used for creating EVS. One VXLAN segment number will be consumed for every EVS created. VXLAN segment number provides Layer 2 isolation between EVSes. Valid values are [0 - 16777215].

vxlan-addr

Specifies the IP address on top of which VXLAN datalink should be created. This can be set to a subnet address as well.

vxlan-mgroup

The multicast address that needs to be used while creating VXLAN links. The VXLAN link will use this address to discover other VXLAN links on the same VXLAN segment. If this property is not set, the default all-host address will be used by the VXLAN link.

vxlan-ipvers

Represents the IP version of the address that must be used for the IP interface that will host VXLAN datalinks. The possible values are "v4" and "v6". The default value is "v4".

uplink-port

Specifies the datalink to be used for following network types: Flat, VLAN, and VXLAN.

uuid

An ID that uniquely identifies an EVS controller in the data center. It is a read-only property and its value is automatically generated when an EVS controller is installed.

uri_template

Specifies the template from which the actual RAD URI (see rad(8)) scheme is computed by EVS controller. The computed RAD URI will be used between EVS Controller and EVS nodes. The uri_template value is of the form ssh://[username@] or unix://[username@]. See EXAMPLES section below for the usage.

IPnet Properties

subnet

Represents the block of either IPv4 or IPv6 addresses. For IPv4, the value is specified as the standard IPv4 dotted-decimal form with prefix len, that is:

ddd.ddd.ddd.ddd/yy

Where, "ddd" is a one to three digit decimal number between 0 and 255, and "yy" is a one to two digit decimal number between 1 and 30.

For IPv6, the value is specified as the standard IPv6 text form with prefix len, that is:

ex:x:x:x:x:x:x:x/yyy

Where, "x"s are the hexadecimal values of the eight 16-bit pieces of the address, and "yy" is a one to three digit decimal number between 1 and 126.

defrouter

Default router specifies the gateway's IP address for the given subnet. This is optional and when not specified the first address in the range will be selected as the default router IP address.

pool

Represents a sub-ranges of IP addresses within a subnet. An IP address allocated to a virtual port will be picked from the pool instead of the entire subnet. Multiple ranges can be specified with comma as the delimiter and they cannot overlap each other. Each range is of the form start_ip_address-end_ip_address. Note that the start_ip_address and end_ip_address must be within the subnet.

Virtual Port Properties

cos

Sets the 802.1p priority on outbound packets on the virtual port. The values range from 0 to 7. When this property is set, all the outbound packets on the virtual port will have a VLAN tag with the priority field set to the property value. This can be used to provide differentiated services across VPorts.

maxbw

Sets the full duplex bandwidth for the virtual port. The bandwidth is specified as an integer with one of the scale suffixes (K, M, or G for Kbps, Mbps, and Gbps). If no units are specified, the input value will be read as Mbps. The default is no bandwidth limit.

priority

Sets the relative priority for the virtual port. The value can be given as one of the tokens high, medium, or low. The default is medium. This priority is not reflected in any protocol priority fields on the wire, but used for packet processing scheduling within the system. A high priority link offers a better latency depending on the availability of system resources.

protection

Enables one or more types of link protection. It is same as datalink's protection property. Valid values are:

mac-nospoof

MAC address anti-spoof. An outbound packet's source MAC address must match the link's configured MAC address. Non-matching packets will be dropped.

ip-nospoof

IP address anti-spoof. An outbound packet's source IP address must match the VPort's IP address, IPv4/IPv6 addresses learned from DHCP replies, link-local IPv6 address conforming to RFC 2464, and the unspecified (all-zeros) IPv4/IPv6 address.

An outbound ARP packet can pass if its sender protocol address is VPort's IP address.

dhcp-nospoof

The client ID in the DHCPv4 packet must match VPort's MAC address. The DUID in the DHCPv6 packet must be of type 1 or 3 and the link layer address part of the DUID must match the VPort's MAC address.

restricted

Restricts outgoing packet types to just IPv4, IPv6, and ARP.

none

Protection will not be applied

ipaddr

Represents the IP address associated with the virtual port. When a VNIC connects to a VPort, this address will be applied to the VNIC. By default, the EVS Controller will automatically select an IP address from the IPnet associated with the EVS. If a Zone/VNIC needs to be assigned a particular IP address, then that can be achieved by manually setting the ipaddr to the desired IP address at the time of addition of the VPort to an EVS.

Once the VPort is created, its IP address cannot be changed through evsadm set-vportprop command.

macaddr

Represents the MAC address associated with the virtual port. The VNIC that connects to this VPort basically inherits the MAC address from the VPort. By default, the EVS Controller will generate a random MAC address for the VPort. If a VNIC needs to be assigned a particular MAC address, then that can be achieved by manually setting the macaddr to the desired MAC address at the time of addition of the VPort to an EVS.

Once the VPort is created, its MAC address cannot be changed through evsadm set-vportprop command.

evs

A read-only property that represents the EVS with which the VPort is associated.

tenant

A read-only property that represents the tenant with which the VPort is associated.

EVS Properties

maxbw

See "Virtual Port Properties" section above. This defines the default maxbw that will be associated with each virtual port of an EVS.

priority

See "Virtual Port Properties" section above. This defines the default priority that will be associated with each virtual port of an EVS.

tenant

A read-only property that represents the tenant with which an EVS is associated.

l2-type
vlan-id
vni

See "Controller Properties" section above for more information. These properties specify the network-type (flat, vlan, or vxlan) that the EVS should be implemented as, and the corresponding segmentation ID for vlan and vxlan network-type. Basically, l2-type can be used to override the default controller setting.

protection

See "VPort properties" section. When set, it defines the default value for all the ports of the EVS.


Note -  If a property is explicitly set for a virtual port, then that property value overrides the corresponding EVS property value.

Examples

In all the examples below, we are making an assumption that EVS Manager, EVS Controller, and EVS Node are all on the same node.

Example 1 Set the EVS Controller to Which evsadm Should Connect to
# evsadm set-prop -p controller=ssh://evsuser@evs-controller.example.com

Now create the SSH keys for the user invoking evsadm using ssh-keygen(1). Copy over the $HOME/.ssh/id_rsa.pub to /var/user/evsuser/.ssh/authorized_keys. Now SSH to evs-controller.example.com as evsuser to verify whether you can connect without password (Note: answer the yes/no question popped by the SSH client).

# evsadm show-prop
NAME            VALUE                                     DEFAULT
controller      ssh://evs-controller.example.com          --

Note that, since all the participating nodes in the EVS framework are on the same physical machine, we can just use local connection (unix domain socket) instead of SSH to connect:

  • EVS Manager (evsadm(8)) to EVS Controller.

  • EVS Client (dladm(8) and zoneadmd(8) to EVS Controller.

This can be achieved through following:

# evsadm set-prop -p controller=unix://
# evsadm show-prop
NAME            VALUE                                     DEFAULT
controller      unix://                                   --
Example 2 Setup the EVS Controller Such that the L2 Segments are Created by Using VLANs

Continuing from the above example, the controller now is evs-controller.example.com, and any changes made using set-controlprop command will be reflected on that controller.

# evsadm set-controlprop -p l2-type=vlan
# evsadm set-controlprop -p vlan-range=200-300,400-500
# evsadm set-controlprop -p uplink-port=net2
# evsadm set-controlprop -h host2.example.com -p uplink-port=net3
# evsadm set-controlprop -h host3.example.com -p uplink-port=net4

NAME                VALUE               DEFAULT             HOST
l2-type             vlan                vxlan               --
vlan-range          200-300,400-500     --                  --
uplink-port         net2                --                  --
uplink-port         net3                --                  host2.example.com
uplink-port         net4                --                  host3.example.com

VLAN IDs 200-300 and 400-500 have been set aside for EVSes. net2 is the uplink-port on all of the hosts except for host2.example.com and host3.example.com. On host2, net3 will be used as uplink-port, and on host3, net4 will be used as uplink-port.

Example 3 Setup the EVS Controller Such that L2 Segments are Created Using VXLANs
# evsadm set-controlprop -p l2-type=vxlan
# evsadm set-controlprop -p vxlan-range=20000-30000
# evsadm set-controlprop -p vxlan-addr=192.168.10.0/24
# evsadm show-controlprop -p l2-type,vxlan-range,vxlan-addr

NAME                VALUE               DEFAULT             HOST
l2-type             vxlan               vxlan               --
vxlan-range         20000-30000         --                  --
vxlan-addr          192.168.10.0/24     0.0.0.0             --

VXLAN IDs 20000-30000 have been set aside for EVSes. An IP interface that is part of the subnet 192.168.10.0/24 will be used to create our VXLAN links.

Example 4 Create an EVS, Associate an IP subnet, Add a VPort to the EVS, and Connect a VNIC

Before using evsadm, set the controller property.

# evsadm set-prop -p controller=ssh://evs-controller.example.com

Also, SSH authentication with pre-shared keys must be manually setup between RAD client and controller so that RAD client can connect to EVS controller non-interactively.

Now create an EVS with name HR.

# evsadm create-evs HR
# evsadm show-evs HR

EVS    TENANT      STATUS NVPORTS IPNETS HOST
HR     sys-global  --     0       --     --

Since no tenant name was provided, EVS was created under sys-global. It has no IP networks or VPorts associated with it.

Now create an IP network.

# evsadm add-ipnet -p subnet=192.168.13.0/24 HR/hr_ipnet
# evsadm show-ipnet

NAME        TENANT     SUBNET          DEFROUTER    AVAILRANGE
HR/hr_ipnet sys-global 192.168.13.0/24 192.168.13.1 192.168.13.2-192.168.13.254

Now add a VPort to HR.

# evsadm add-vport HR/vport0
# evsadm show-vport

NAME       TENANT     STATUS VNIC      HOST
HR/vport0  sys-global free   --        --

# evsadm show-vport -o name,macaddr,ipaddr

NAME                MACADDR         IPADDR
HR/vport0           2:8:20:95:1:de  192.168.13.2/24

evsadm with no subcommands prints the following output.

# evsadm

NAME          TENANT        STATUS VNIC         IP
HR            sys-global    --     --           hr_ipnet
vport0        --            free   --           192.168.13.2/24

Now connect a VNIC vnic0 to HR/vport0.

# dladm create-vnic -t -c HR/vport0 vnic0
# dladm show-vnic -c

LINK     TENANT      EVS  VPORT   OVER            MACADDRESS        VIDS
vnic0    sys-global  HR   vport0  evs-vxlan200    2:8:20:95:1:de    0

# dladm show-linkprop -p allowed-ips vnic0

LINK     PROPERTY        PERM VALUE        EFFECTIVE    DEFAULT   POSSIBLE
vnic0    allowed-ips     rw   192.168.13.2 192.168.13.2 --        -- 

Note how allowed-ips of vnic0 is set with the VPort's IP address.

Now set the VPort's maxbw property to 1G and see how it reflects on vnic0.

# dladm show-linkprop -p maxbw vnic0

LINK     PROPERTY    PERM VALUE        EFFECTIVE    DEFAULT   POSSIBLE
vnic0    maxbw       rw   --           --           --        -- 

# evsadm set-vportprop -p maxbw=1G HR/vport0
# dladm show-linkprop -p maxbw vnic0

LINK     PROPERTY        PERM VALUE        EFFECTIVE    DEFAULT   POSSIBLE
vnic0    maxbw           rw    1000         1000        --        -- 
Example 5 Create an EVS with flat l2-type

Define which uplink-port on EVS nodes will be used to create FLAT VNICs.

# evsadm set-controlprop -p uplink-port=net0,flat=yes

Now create the Flat EVS, associate subnet to it, and add bunch of VPorts.

# evsadm create-evs -p l2-type=flat evs0
# evsadm show-evs -L
EVS           TENANT        L2TYPE VID  VNI
evs0          sys-global    flat   --   --
# evsadm add-ipnet -p subnet=192.168.100.0/24 evs0/ipnet0
# evsadm add-vport evs0/vport0
# evsadm add-vport evs0/vport1
# evsadm add-vport evs0/vport2

With that all three VPorts of evs0 will be on the same network and the outgoing packets on those VPorts will be untagged.

Example 6 Display Properties of an EVS
# evsadm show-evsprop HR

EVS   TENANT        PROPERTY  PERM VALUE     DEFAULT   POSSIBLE
HR    sys-global    maxbw     rw   --        --        --
HR    sys-global    priority  rw   --        medium    low,medium,
                                                       high
HR    sys-global    tenant    r-   sys-global --       --
Example 7 Display Properties of a VPort
# evsadm show-vportprop HR/

NAME        TENANT        PROPERTY  PERM VALUE     DEFAULT   POSSIBLE
HR/vport0   sys-global    cos       rw   3         0         0-7
HR/vport0   sys-global    maxbw     rw   --        --        10K-
HR/vport0   sys-global    priority  rw   --        medium    low,medium,
HR/vport0   sys-global    ipaddr    r-   192.168.13.2/24 --  --
HR/vport0   sys-global    macaddr   r-   2:8:20:5c:cb:a5 --  --
HR/vport0   sys-global    evs       r-   HR        --        --
HR/vport0   sys-global    tenant    r-   sys-global --       --
# evsadm	show-vportprop HR/
  
NAME	    TENANT        PROPERTY  PERM  VALUE     EFFECTIVE  POSSIBLE
HR/vport0   sys-global   cos	    rw    3	     3          0-7
HR/vport0   sys-global   maxbw      rw    --        --	       
HR/vport0   sys-global   priority   rw	--	    medium    low,medium,
HR/vport0   sys-global   ipaddr     r-	192.168.13.2/24 192.168.13.2/24  --
HR/vport0   sys-global   macaddr    r-	2:8:20:5c:cb:a5 2:8:20:5c:cb:a5  --
HR/vport0   sys-global   evs	    r-	HR	    --         --
HR/vport0   sys-global   tenant     r-	sys-global --        --
Example 8 Remove a Virtual Port
# evsadm remove-vport HR/vport0

Note that, if the vport is being used, then the above operation will fail.

Example 9 Delete an IPnet
# evsadm remove-ipnet HR/hr_ipnet

Note that, if an IP address in the IP subnet is being used, then the above operation will fail.

Example 10 Delete an EVS
# evsadm delete-evs HR

Note that, if VPorts of an EVS is being used, then the above operation will fail.

Example 11 Create an EVS for a Tenant and Associate an IPnet and VPort

The following example creates an EVS evsA for a tenant tenantA, and associates 192.168.100.0/24 as IPnet with it, and a VPort with maxbw of 1G.

# evasdm create-evs -T tenantA evsA
# evsadm add-ipnet -T tenantA -p subnet=192.168.100.0/24 evsA/ipnetA
# evsadm add-vport -T tenantA -p maxbw=1G evsA/vport0
# evsadm

NAME          TENANT        STATUS VNIC         IP                HOST
evsA          tenantA       --     --           ipnetA            --
vport0     --            free   --           192.168.100.2/24  --

# evsadm show-vport
NAME                TENANT        STATUS VNIC         HOST
evsA/vport0         tenantA       free   --           --

# evsadm show-ipnet
NAME         TENANT  SUBNET           DEFROUTER      AVAILRANGE
evsA/ipnetA  tenantA 192.168.100.0/24 192.168.100.1  192.168.100.3-192.168.100.254
Example 12 Specify per EVS Node RAD connection

To push VPort properties and to retrieve VPort statistics, an EVS controller connects to an EVS Node. How the RAD connection need to be made can be controlled by the uri_template controller property. This property globally applies to all the EVS Nodes. However, if for an EVS node a different type of connection need to be specified, then the global value can be overridden for that host.

The value is of the form ssh://[username@] or unix://[username@].

# evsadm show-controlprop -p uri_template
PROPERTY          PERM VALUE       DEFAULT   HOST
uri_template      rw   ssh://      ssh://    --

This basically says that all the per-EVS node RAD connections should use SSH and should use the user executing evsadm as SSH user.

# evsadm set-controlprop -p uri_template=ssh://evsuser
# evsadm show-controlprop -p uri_template
PROPERTY          PERM VALUE           DEFAULT   HOST
uri_template      rw   ssh://evsuser   ssh://    -

This basically says that all the per-EVS node RAD connections should use SSH. However, for SSH user use evsuser instead.

# evsadm set-controlprop -p uri_template=unix://
# evsadm show-controlprop -p uri_template
PROPERTY          PERM VALUE       DEFAULT   HOST
uri_template      rw   unix://     unix://   --

In the case of single server EVS (that is, all the participating nodes in the EVS framework are on the same physical machine) there is no need for SSH and we could just use local connection (unix domain socket).

# evsadm set-controlprop -h evs-controller.example.com -p uri_template=unix://
# evsadm show-controlprop -p uri_template
PROPERTY          PERM VALUE       DEFAULT   HOST
uri_template      rw   ssh://      ssh://    --
uri_template      rw   unix://     unix://   evs-controller.example.com

This basically says that all the per-EVS node RAD connection should be the default SSH except for evs-controller.example.com where local connection should be used.

Example 13 Specify a Pool (Sub-range of IPv4 or IPv6 Addresses From a Subnet) for a Given IP Network
# evsadm create-evs HR
# evsadm add-ipnet HR/ipnet0 -p subnet=10.0.0.0/24
# evsadm set-ipnetprop -p pool=10.0.0.10-10.0.0.15 HR/ipnet0
# evsadm show-ipnetprop -p pool HR/ipnet0

NAME              TENANT      PROPERTY  PERM VALUE         DEFAULT   POSSIBLE
HR/ipnet0         sys-global  pool      rw   10.0.0.10-10.0.0.15 --  --

# evsadm add-vport HR/vport0
# evsadm add-vport HR/vport1
# evsadm add-vport HR/vport2
# evsadm add-vport HR/vport3
# evsadm add-vport HR/vport4
# evsadm add-vport HR/vport5
# evsadm add-vport HR/vport6
evsadm: vport addition failed: insufficient resource

# evsadm
NAME          TENANT        STATUS VNIC         IP                HOST
HR            sys-global    idle   --           ipnet0            --
   vport0     --            free   --           10.0.0.10/24      --
   vport1     --            free   --           10.0.0.11/24      --
   vport2     --            free   --           10.0.0.12/24      --
   vport3     --            free   --           10.0.0.13/24      --
   vport4     --            free   --           10.0.0.14/24      --
   vport5     --            free   --           10.0.0.15/24      --

# evsadm set-ipnetprop -p pool=10.0.0.10-10.0.0.20 HR/ipnet0
# evsadm add-vport HR/vport6
# evsadm add-vport HR/vport7
# evsadm
NAME          TENANT        STATUS VNIC         IP                HOST
HR            sys-global    idle   --           ipnet0            --
   vport0     --            free   --           10.0.0.10/24      --
   vport1     --            free   --           10.0.0.11/24      --
   vport2     --            free   --           10.0.0.12/24      --
   vport3     --            free   --           10.0.0.13/24      --
   vport4     --            free   --           10.0.0.14/24      --
   vport5     --            free   --           10.0.0.15/24      --
   vport6     --            free   --           10.0.0.16/24      --
   vport7     --            free   --           10.0.0.17/24      --

# evsadm add-vport HR/vport8 -p ipaddr=10.0.0.100
# evsadm
NAME          TENANT        STATUS VNIC         IP                HOST
HR            sys-global    idle   --           ipnet0            --
  vport8     --            free   --           10.0.0.100/24     --
  vport0     --            free   --           10.0.0.10/24      --
  vport1     --            free   --           10.0.0.11/24      --
  vport2     --            free   --           10.0.0.12/24      --
  vport3     --            free   --           10.0.0.13/24      --
  vport4     --            free   --           10.0.0.14/24      --
  vport5     --            free   --           10.0.0.15/24      --
  vport6     --            free   --           10.0.0.16/24      --
  vport7     --            free   --           10.0.0.17/24      --
# evsadm set-ipnetprop -p pool= HR/ipnet0

Above invocation will reset the pool to the entire subnet range excluding default gateway IP.

# evsadm show-ipnetprop -p pool HR/ipnet0

NAME              TENANT      PROPERTY  PERM VALUE         DEFAULT   POSSIBLE
HR/ipnet0         sys-global  pool      rw   10.0.0.2-10.0.0.254 --  --

In this case, any VPorts that are added to HR will get IP addresses from within the specified pools. The addition of VPort will fail if there are no more IP addresses in the pool to allocate. To use the address outside the pool, you have to explicitly use -p ipaddr=<IP address> during VPort creation.

Example 14 Connect Through Multiple Uplink Ports From a Given Host
# evsadm set-controlprop -p vlan-range=200-300
# evsadm set-controlprop -h host1 -p uplink-port=net0,vlan-range=200-250
evsadm: warning: provided value range is a subset of the complete range. Ensure to provide the 
remaining value range on a different uplink-port or vxlan-addr
# evsadm set-controlprop -h host1 -p uplink-port=net1,vlan-range=251-300
# evsadm show-controlprop -p uplink-port -o property,perm,value,default,
          vlan_range,vxlan_range,host

PROPERTY          PERM VALUE       DEFAULT   VLAN_RANGE  VXLAN_RANGE HOST
uplink-port       rw   net0        --        200-300     --          --
uplink-port       rw   net0        --        200-250     --          host1
uplink-port       rw   net1        --        251-300     --          host1

# evsadm create-evs evs0 -p vlanid=200
# evsadm create-evs evs1 -p vlanid=251
# evsadm show-evs -L
EVS           TENANT        VID  VNI
evs0          sys-global    200  --
evs1          sys-global    251  --

# evsadm add-ipnet evs0/ipnet0 -p subnet=10.0.0.0/24
# evsadm add-ipnet evs1/ipnet1 -p subnet=10.0.1.0/24
# dladm create-vnic -c evs0 -t vnic0
# dladm create-vnic -c evs1 -t vnic1
# dladm show-vnic
LINK                OVER              SPEED  MACADDRESS        MACADDRTYPE VIDS
vnic0               net0              1000   2:8:20:d4:d7:d5   fixed       200
vnic1               net1              1000   2:8:20:a:11:40    fixed       251

# evsadm set-controlprop -h host1 -p uplink-port=
# evsadm show-controlprop -p uplink-port -o property,perm,value,default,
          vlan_range,vxlan_range,host
PROPERTY          PERM VALUE       DEFAULT   VLAN_RANGE  VXLAN_RANGE HOST
uplink-port       rw   net0        --        200-300     2000-3000   -- 

This says that host1 has two uplink-ports net0 and net1, and on net0 the supported vlan-range is 200-250 and on net1 the supported vlan-range is 251-300. For all the remaining hosts, net0 will host the entire vlan-range. Resetting uplink-port property for a host will clear all the uplink-port values for that host.

Example 15 Configure the Protection Property
# evsadm create-evs evs0
# evsadm add-ipnet evs0/ipnet0 -p subnet=10.0.0.0/24
# evsadm add-vport evs0/vport0
# evsadm show-vportprop -p protection
NAME              TENANT      PROPERTY  PERM VALUE         EFFECTIVE    POSSIBLE
evs0/vport0       sys-global  protection rw  --            mac-nospoof, mac-nospoof,
			    					   ip-nospoof   restricted,
	            							        ip-nospoof,
	            							        dhcp-nospoof,
	            							        none
# dladm create-vnic -c evs0/vport0 -t vnic0
# dladm show-linkprop vnic0 -p protection
LINK     PROPERTY        PERM VALUE        EFFECTIVE    DEFAULT     POSSIBLE
vnic0    protection      rw   mac-nospoof, mac-nospoof, --          mac-nospoof,
			          ip-nospoof   ip-nospoof               restricted,
										   ip-nospoof,
										   dhcp-nospoof
# evsadm set-vportprop -p protection=none evs0/vport0
# dladm show-linkprop vnic0 -p protection
LINK     PROPERTY        PERM VALUE        EFFECTIVE    DEFAULT   POSSIBLE
vnic0    protection      rw   --           --           --        mac-nospoof,
										 restricted,
										 ip-nospoof,
										 dhcp-nospoof
# evsadm set-vportprop -p protection=restricted evs0/vport0
# dladm show-linkprop vnic0 -p protection
LINK     PROPERTY        PERM VALUE        EFFECTIVE    DEFAULT   POSSIBLE
vnic0    protection      rw   restricted   restricted   --        mac-nospoof,
										 restricted,
										 ip-nospoof,
										 dhcp-nospoof
# evsadm set-vportprop -p protection= evs0/vport0

Not specifying value means resetting protection

# dladm show-linkprop vnic0 -p protection
LINK     PROPERTY        PERM VALUE        EFFECTIVE    DEFAULT   POSSIBLE
vnic0    protection      rw   mac-nospoof, mac-nospoof, --        mac-nospoof,
				    ip-nospoof   ip-nospoof             restricted,
							            	  ip-nospoof,
								              dhcp-nospoof

Note that the default value of protection property of VPort is mac-nopsoof, ip-nospoof. Resetting protection property will restore its value to default value.

Attributes

See attributes(7) for descriptions of the following attributes:

ATTRIBUTE TYPE
ATTRIBUTE VALUE
Availability
service/network/evs
Interface Stability
Committed

See Also

ssh-keygen(1), prof_attr(5), attributes(7), dladm(8), evsstat(8), rad(8), zonecfg(8),