On 05/30/11 13:29, Alexander wrote:
On 5/30/2011 8:06 AM, Alexander wrote:
Hello. On FreeBSD host system I have the following
configuration:
on physical interface I created vlan, connected it
to bridge, created epair and added it end to bridge. In such way I
can connect several jailed systems (VNET) to one vlan, providing
one virtual interface to each jail.
I'm trying to achieve this functionality on
OpenIndiana system (oi_151) so that severals zones could be
connected to one vlan with own vnic, but I didn't managed yet. I
can't create vnic based on vlan and can't bridge vlan...
Bridges exist logically below the level of VLANs, so you can't
really just bridge two distinct VLANs together. It doesn't make
sense, at least to me.
Let me try to explain in more details. I'd like to create the
following configuration:
physicalInterface => vlanInterface<=> bridge<=> etherstub<=>
VirutalInterfaces for zones
In such way I'd like to achieve the following: each zone has
exclusive ip stack and multiple zones can be in one vlan, which is
seen from outside. It seems, that most of our tasks can be solved
with usual configuration (shared ip stack), but on our FreeBSD hosts
such configuration (exclusive ip stack + bridge per vlan) is quite
convinient. I was suprised that I can't achive similar configuration
on Solaris host.
You can, it's quite simple. This works by creating two VLAN-tagged
VNICs over the same physical link, and adding one to each zone. The
kernel has an implicit logical bridge between a physical link and the
VNICs above it. For example:
dladm create-vnic -v <vlan-tag> -l <physical-link> vnic1
dladm create-vnic -v <vlan-tag> -l <physical-link> vnic2
You then use zonecfg to assign vnic1 and vnic2 to each zone:
zonecfg:zone1> add net
zonecfg:zone1:net> set physical=vnic1
zonecfg:zone1:net> end
...
zonecfg:zone2> add net
zonecfg:zone2:net> set physical=vnic2
zonecfg:zone2:net> end
...
-Seb
_______________________________________________
networking-discuss mailing list
networking-discuss@opensolaris.org
