Trusted Virtual Network Requirements and Restrictions

You can configure a trusted virtual network by using the ldm add-vnet and ldm set-vnet commands to set the custom=enable property. Provide values for the custom/max-mac-addrs and custom/max-vlans properties so that the number of custom MAC addresses and VLANs is limited for the specified virtual network device. Both property values are set to 4096 by default.

The trusted virtual network feature requires at least the Oracle Solaris 11.3 SRU 8 OS.

Both the guest domain that has the custom virtual network device and the service domain that has the corresponding virtual switch device require the latest level of the supported system firmware.

To configure a trusted virtual network, you must specify the following information:

  • custom: Enable or disable the trusted virtual network feature. This feature enables a trusted entity to add custom alternate VLAN IDs and custom alternate MAC addresses dynamically.

  • custom/max-mac-addrs: Specify the maximum number of custom alternate MAC addresses to be configured on a particular trusted virtual network device.

  • custom/max-vlans: Specify the maximum number of custom alternate VLAN IDs to be configured on a particular trusted virtual network device.

The following restrictions are for the trusted virtual network feature:

  • You cannot use the Logical Domains Manager to configure alternate MAC addresses or VLAN IDs on a given trusted virtual network.

  • To modify custom or existing alternate MAC addresses, the domain must be in the bound state.

  • You can increase the custom/max-mac-addrs and custom/max-vlans property values dynamically. However, the domain must be in the bound state to reduce these property values.

    Note:

    Reducing these property values might cause undesirable side effects. Because you have no control over which MAC addresses or VLAN IDs the OS will retain, ensure that you delete any VNICs or VLANs created on the host that you do not need. Also, set custom=disable on the virtual network device before using the ldm set-vnet command to reduce the maximum number of VLAN IDs and MAC addresses for the custom virtual network device.

    Caution:

    The effective use of this feature is to limit and control these properties.

  • Ensure that any VNIC and VLAN devices that have been created are removed before you reduce the number of custom VLAN IDs or custom alternate MAC addresses. Otherwise, the guest domain will have VNICs that cannot be configured and must be removed manually.

  • The dladm show-vnic -m command shows the MAC addresses and VLAN IDs that are configured on the specified virtual network. The dladm show-vnic -m command shows the alternate MAC addresses and VLAN IDs in use on the guest domain. This is a departure from older releases, in which all alternate MAC addresses and VLAN IDs were preconfigured on the virtual switch.

  • The trusted virtual network feature is mutually exclusive with the PVLAN feature.

  • The Logical Domains Manager attempts to validate the guest domain and service domain support for this feature before enabling the custom feature. If the guest domain is not running, you can enable this feature if the service domain supports it. However, if the guest domain does not support the feature, you must set custom=disabled before you re-enable non-custom alternate MAC addresses and VLAN IDs.

  • You can perform a live migration of a domain with trusted virtual networks only if the target service domain supports the trusted virtual network feature.
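
The following is an added example, not part of the Oracle documentation: a dry-run wrapper that prints ldm add-vnet and ldm set-vnet commands with explicit caps instead of the 4096 defaults, and labels each cap change as dynamic or bound-only according to the restrictions above. POLICY_MAX, the function names, and the device, switch and domain names are assumptions; the positional arguments follow the usual ldm add-vnet if-name vswitch-name domain-name form.

```shell
#!/bin/sh
# Added example, not Oracle code. Prints ldm commands for review; runs nothing.
# POLICY_MAX is a hypothetical site ceiling, far below the 4096 default.
POLICY_MAX=${POLICY_MAX:-16}

is_uint() { case $1 in ''|*[!0-9]*) return 1 ;; esac; }

# check_cap PROP VALUE: succeed only for an integer in 1..POLICY_MAX.
check_cap() {
    is_uint "$2" && [ "$2" -ge 1 ] && [ "$2" -le "$POLICY_MAX" ] && return 0
    echo "refusing: $1='$2' must be an integer in 1..$POLICY_MAX" >&2
    return 1
}

# tvnet_add_cmd MAX_MACS MAX_VLANS IF_NAME VSWITCH DOMAIN
# Always states both caps so the device never inherits the defaults.
tvnet_add_cmd() {
    [ $# -eq 5 ] || { echo "usage: tvnet_add_cmd macs vlans if vsw domain" >&2; return 2; }
    check_cap custom/max-mac-addrs "$1" || return 1
    check_cap custom/max-vlans "$2" || return 1
    printf 'ldm add-vnet custom=enable custom/max-mac-addrs=%s custom/max-vlans=%s %s %s %s\n' \
        "$1" "$2" "$3" "$4" "$5"
}

# tvnet_resize_cmd PROP CURRENT NEW IF_NAME DOMAIN
# Prefixes the command with the domain state the page requires for the change:
# an increase is dynamic, a reduction needs the domain in the bound state.
tvnet_resize_cmd() {
    [ $# -eq 5 ] || { echo "usage: tvnet_resize_cmd prop cur new if domain" >&2; return 2; }
    case $1 in
        custom/max-mac-addrs|custom/max-vlans) ;;
        *) echo "refusing: unknown property $1" >&2; return 1 ;;
    esac
    is_uint "$2" || { echo "refusing: current value '$2' is not a number" >&2; return 1; }
    check_cap "$1" "$3" || return 1
    if [ "$3" -ge "$2" ]; then
        state=dynamic
    else
        state=bound-only
        echo "first remove unneeded VNICs/VLANs in the guest and set custom=disable" >&2
    fi
    printf '%s: ldm set-vnet %s=%s %s %s\n' "$state" "$1" "$3" "$4" "$5"
}

# Constructed sample names: vnet0, primary-vsw0, ldg1.
tvnet_add_cmd 4 4 vnet0 primary-vsw0 ldg1
tvnet_resize_cmd custom/max-vlans 4 2 vnet0 ldg1
```

Review the printed command and run it on the control domain only after the domain is in the state shown in the prefix.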