Configuring Trusted Virtual Networks
This section includes tasks that show how to create trusted virtual networks and how to obtain information about trusted virtual networks.
You can configure a trusted virtual network by setting the custom property value by using the ldm add-vnet or ldm set-vnet command. See the ldm(8) man page.
Example 13-15 Creating a Trusted Virtual Network
You can use the following commands to create a trusted virtual network ldg1_vnet0 on the primary-vsw0 virtual switch in the ldg1 domain. The custom/max-mac-addrs and custom/max-vlans property values use the default values of 4096.
primary# ldm add-vnet custom=enable ldg1_vnet0 primary-vsw0 ldg1 primary# ldm list -o network ldg1 ... NETWORK NAME SERVICE MACADDRESS PVID|PVLAN|VIDs ---- ------- ---------- --------------- ldg1-vnet0 primary-vsw0@primary 00:14:4f:fa:d7:5e 1|--|-- DEVICE :network@1 ID :1 LINKPROP :phys-state MTU :1500 MAXBW :-- MODE :-- CUSTOM :enable MAX-CUSTOM-MACS:4096 MAX-CUSTOM-VLANS:4096 PRIORITY :-- COS :-- PROTECTION :--
Example 13-16 Enabling the Trusted Virtual Network Feature on an Existing Virtual Network
The following example shows how to enable the trusted virtual network feature by setting custom=enable for the ldg1_vnet0 virtual network device in the ldg1 domain. The custom/max-mac-addrs and custom/max-vlans property values use the default values of 4096.
primary# ldm set-vnet custom=enabled ldg1_vnet0 ldg1 primary# ldm list -o network ldg1 ... NETWORK NAME SERVICE MACADDRESS PVID|PVLAN|VIDs ---- ------- ---------- --------------- ldg1-vnet0 primary-vsw0@primary 00:14:4f:fa:d7:5e 1|--|-- DEVICE :network@1 ID :1 LINKPROP :phys-state MTU :1500 MAXBW :-- MODE :-- CUSTOM :enable MAX-CUSTOM-MACS:4096 MAX-CUSTOM-VLANS:4096 PRIORITY :-- COS :-- PROTECTION :--
Example 13-17 Setting the custom/max-mac-addrs and custom/max-vlans Properties
The following example sets the custom/max-vlans property value to 12 and the custom/max-mac-addrs property value to 13.
Because these new property values are lower than the previous values, you cannot change these settings dynamically. You can make these changes only to a bound or inactive domain.
primary# ldm stop ldg1 primary# ldm set-vnet custom/max-vlans=12 custom/max-mac-addrs=13 ldg1_vnet0 ldg1 primary# ldm list -o network ldg1 ... NETWORK NAME SERVICE MACADDRESS PVID|PVLAN|VIDs ---- ------- ---------- --------------- ldg1-vnet0 primary-vsw0@primary 00:14:4f:fa:d7:5e 1|--|-- DEVICE :network@1 ID :1 LINKPROP :phys-state MTU :1500 MAXBW :-- MODE :-- CUSTOM :enable MAX-CUSTOM-MACS:13 MAX-CUSTOM-VLANS:12 PRIORITY :-- COS :-- PROTECTION :--
Example 13-18 Resetting the custom/max-mac-addrs and custom/max-vlans Properties
The following example shows how to reset the custom/max-mac-addrs property value to its default of 4096 by specifying a null value.
When custom=enabled, you can reset the custom/max-vlans property value, the custom/max-mac-addrs property value, or both.
primary# ldm set-vnet custom/max-mac-addrs= ldg1_vnet0 ldg1 primary# ldm list -o network ldg1 ... NETWORK NAME SERVICE MACADDRESS PVID|PVLAN|VIDs ---- ------- ---------- --------------- ldg1-vnet0 primary-vsw0@primary 00:14:4f:fa:d7:5e 1|--|-- DEVICE :network@1 ID :1 LINKPROP :phys-state MTU :1500 MAXBW :-- MODE :-- CUSTOM :enable MAX-CUSTOM-MACS:4096 MAX-CUSTOM-VLANS:12 PRIORITY :-- COS :-- PROTECTION :--
Example 13-19 Changing the custom/max-mac-addrs and custom/max-vlans Property Values
The following example shows how to increase the custom/max-vlans property value and decrease the custom/max-mac-addrs property value. You can increase the custom/max-vlans property value to 24 dynamically, because 24 is larger than the previous value of 12. However, because you are reducing the maximum value for custom/max-mac-addrs from 4096 to 11, you must first stop the domain.
primary# ldm set-vnet custom/max-vlans=24 ldg1_vnet0 ldg1 primary# ldm stop ldg1 primary# ldm set-vnet custom/max-mac-addrs=11 ldg1_vnet0 ldg1 primary# ldm list -o network ldg1 ... NETWORK NAME SERVICE MACADDRESS PVID|PVLAN|VIDs ---- ------- ---------- --------------- ldg1-vnet0 primary-vsw0@primary 00:14:4f:fa:d7:5e 1|--|-- DEVICE :network@1 ID :1 LINKPROP :phys-state MTU :1500 MAXBW :-- MODE :-- CUSTOM :enable MAX-CUSTOM-MACS:11 MAX-CUSTOM-VLANS:24 PRIORITY :-- COS :-- PROTECTION :--
Example 13-20 Disabling the Trusted Virtual Network Feature
The following example shows how to disable the custom property for the ldg1_vnet0 virtual network device in the ldg1 domain.
primary# ldm set-vnet custom=disabled ldg1_vnet0 ldg1 ... NETWORK NAME SERVICE MACADDRESS PVID|PVLAN|VIDs ---- ------- ---------- --------------- ldg1-vnet0 primary-vsw0@primary 00:14:4f:fa:d7:5e 1|--|-- DEVICE :network@1 ID :1 LINKPROP :phys-state MTU :1500 MAXBW :-- MODE :-- CUSTOM :disable PRIORITY :-- COS :-- PROTECTION :--