
How to Create a Virtual Switch on Solaris 11? How to Use It?

Oracle Solaris 11 introduces a new network virtualization component called the virtual switch. Two types of virtual switch are available in Solaris 11. The first type is created automatically in the background when you create the first VNIC on the system, and it is used for external network communication. The second type is created by using the “etherstub” command, for internal communication within the global zone. This type of virtual switch improves network performance and speeds up internal traffic between the local zones. For example, if you have a web server and a database server on the same global zone, you can create a virtual switch using the “etherstub” command and VNICs so that the zones communicate with each other without using public IPs or NIC interfaces.

Goal: Provide internal network connectivity between two local zones using a vswitch.

1. Create a virtual switch.
Switch name: vswitch1

2. Create two VNICs, one for each local zone, for internal communication.
VNIC for webunixarena1: webarena1
VNIC for dbunixarena1: dbarena1

3. Create two local zones.
Local zone 1: webunixarena1
Local zone 2: dbunixarena1

4. Assign an IP address to each VNIC for internal communication between the local zones.
Note: In Solaris 11, you can assign the IP address from within the local zone itself.

5. Verify the communication between the local zones.


LAB Exercise Begins Here.
Task:1
1. Create the virtual switch using the “etherstub” command.
root@TESTSOL11G:~# dladm create-etherstub vswitch1
root@TESTSOL11G:~# dladm
LINK CLASS MTU STATE OVER
net0 phys 1500 up --
vswitch1 etherstub 9000 unknown --
root@TESTSOL11G:~#


Task:2
Create a VNIC for both local zones by using vswitch1. 
First we will create VNIC for webunixarena1.
root@TESTSOL11G:~# dladm create-vnic -l vswitch1 webarena1
root@TESTSOL11G:~# dladm
LINK CLASS MTU STATE OVER
net0 phys 1500 up --
vswitch1 etherstub 9000 unknown --
webarena1 vnic 9000 unknown vswitch1
root@TESTSOL11G:~#

Now create a VNIC for dbunixarena1.

root@TESTSOL11G:~# dladm create-vnic -l vswitch1 dbarena1
root@TESTSOL11G:~# dladm
LINK CLASS MTU STATE OVER
net0 phys 1500 up --
vswitch1 etherstub 9000 unknown --
webarena1 vnic 9000 up vswitch1
dbarena1 vnic 9000 up vswitch1
root@TESTSOL11G:~#


Task:3
Create two local zones with the configuration shown below.
webunixarena1- Configuration:
root@TESTSOL11G:~# zonecfg -z webunixarena1
Use 'create' to begin configuring a new zone.
zonecfg:webunixarena1> create
create: Using system default template 'SYSdefault'
zonecfg:webunixarena1> set zonepath=/webunixarena1
zonecfg:webunixarena1> add net
zonecfg:webunixarena1:net> set physical=webarena1
zonecfg:webunixarena1:net> end
zonecfg:webunixarena1> exit
root@TESTSOL11G:~# zoneadm list -cv
ID NAME STATUS PATH BRAND IP
0 global running / solaris shared
- webunixarena1 configured /webunixarena1 solaris excl
root@TESTSOL11G:~#

dbunixarena1- Configuration:

root@TESTSOL11G:~# zonecfg -z dbunixarena1
Use 'create' to begin configuring a new zone.
zonecfg:dbunixarena1> create
create: Using system default template 'SYSdefault'
zonecfg:dbunixarena1> set zonepath=/dbunixarena1
zonecfg:dbunixarena1> add net
zonecfg:dbunixarena1:net> set physical=dbarena1
zonecfg:dbunixarena1:net> end
zonecfg:dbunixarena1> exit
root@TESTSOL11G:~#
root@TESTSOL11G:~#
root@TESTSOL11G:~# zoneadm list -cv
ID NAME STATUS PATH BRAND IP
0 global running / solaris shared
1 webunixarena1 configured /webunixarena1 solaris excl
- dbunixarena1 configured /dbunixarena1 solaris excl

The local zone installation part is skipped as it is out of scope for this article. You can see the local zone installation method and cloning method from the below mentioned link.
To speed up the process, you can install one local zone and clone the second one.

Task:4
Configure the IP addresses on the local zones for internal communication. This communication happens via the virtual switch which we created using the etherstub command. By doing this, the physical NICs are not used for communication between local zones within the same global zone. Here webunixarena1 and dbunixarena1 will communicate via the vswitch using their own IP addresses.
Configuring IP address on webunixarena1:
Login to webunixarena1 and perform the below steps.

root@webunixarena1:~# ipadm create-ip webarena1
root@webunixarena1:~# ipadm
NAME CLASS/TYPE STATE UNDER ADDR
lo0 loopback ok -- --
lo0/v4 static ok -- 127.0.0.1/8
lo0/v6 static ok -- ::1/128
webarena1 ip down -- --

Assign a static IP to webarena1 VNIC.

root@webunixarena1:~# ipadm create-addr -T static -a local=192.168.5.61/24 webarena1/v4
root@webunixarena1:~# ipadm
NAME CLASS/TYPE STATE UNDER ADDR
lo0 loopback ok -- --
lo0/v4 static ok -- 127.0.0.1/8
lo0/v6 static ok -- ::1/128
webarena1 ip ok -- --
webarena1/v4 static ok -- 192.168.5.61/24
root@webunixarena1:~#
root@webunixarena1:~# echo '192.168.5.61 webarena1' >> /etc/hosts
root@webunixarena1:~# echo '192.168.5.62 dbarena1' >> /etc/hosts


Configuring IP address on dbunixarena1:
Login to dbunixarena1 and perform the below steps.

root@dbunixarena1:~# ipadm create-ip dbarena1
root@dbunixarena1:~# ipadm
NAME CLASS/TYPE STATE UNDER ADDR
lo0 loopback ok -- --
lo0/v4 static ok -- 127.0.0.1/8
lo0/v6 static ok -- ::1/128
dbarena1 ip down -- --

Assign a static IP to dbarena1 VNIC.

root@dbunixarena1:~# ipadm create-addr -T static -a local=192.168.5.62/24 dbarena1/v4
root@dbunixarena1:~# ipadm
NAME CLASS/TYPE STATE UNDER ADDR
dbarena1 ip ok -- --
dbarena1/v4 static ok -- 192.168.5.62/24
lo0 loopback ok -- --
lo0/v4 static ok -- 127.0.0.1/8
lo0/v6 static ok -- ::1/128
root@dbunixarena1:~#
root@dbunixarena1:~# echo '192.168.5.61 webarena1' >> /etc/hosts
root@dbunixarena1:~# echo '192.168.5.62 dbarena1' >> /etc/hosts


Task:5
Verify the connectivity between the two local zones.

root@dbunixarena1:~# ping webarena1
webarena1 is alive
root@dbunixarena1:~# ping -s 192.168.5.61
PING 192.168.5.61: 56 data bytes
64 bytes from webarena1 (192.168.5.61): icmp_seq=0. time=0.132 ms
64 bytes from webarena1 (192.168.5.61): icmp_seq=1. time=0.138 ms
64 bytes from webarena1 (192.168.5.61): icmp_seq=2. time=0.129 ms
64 bytes from webarena1 (192.168.5.61): icmp_seq=3. time=0.132 ms
^C
----192.168.5.61 PING Statistics----
4 packets transmitted, 4 packets received, 0% packet loss
round-trip (ms) min/avg/max/stddev = 0.129/0.133/0.138/0.004
root@dbunixarena1:~#


root@webunixarena1:~# ping -s 192.168.5.62
PING 192.168.5.62: 56 data bytes
64 bytes from dbarena1 (192.168.5.62): icmp_seq=0. time=0.141 ms
64 bytes from dbarena1 (192.168.5.62): icmp_seq=1. time=0.158 ms
64 bytes from dbarena1 (192.168.5.62): icmp_seq=2. time=0.128 ms
64 bytes from dbarena1 (192.168.5.62): icmp_seq=3. time=0.126 ms
^C
----192.168.5.62 PING Statistics----
4 packets transmitted, 4 packets received, 0% packet loss
round-trip (ms) min/avg/max/stddev = 0.126/0.138/0.158/0.015
root@webunixarena1:~#


We are done. Both local zones are able to communicate with each other without disturbing the physical interfaces. These IPs will not be accessible outside the global zone. So for external access you need to configure a public IP address by adding a VNIC on top of a physical interface and assigning it to the local zones.
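
To check the isolation described above from the global zone, the following added example (not part of the original article) parses the table that dladm prints and reports whether each VNIC sits on an etherstub or on some other link. The sample table is constructed from the Task 2 output, and the VNIC name pubweb1 is a hypothetical addition for illustration.

```shell
#!/bin/sh
# Added example: classify VNICs by the link they were created over, using
# the LINK/CLASS/MTU/STATE/OVER table printed by dladm, read from stdin.

# Constructed sample: the Task 2 table plus a hypothetical VNIC "pubweb1"
# created over the physical link net0.
SAMPLE='LINK CLASS MTU STATE OVER
net0 phys 1500 up --
vswitch1 etherstub 9000 unknown --
webarena1 vnic 9000 up vswitch1
dbarena1 vnic 9000 up vswitch1
pubweb1 vnic 1500 up net0'

# Print "<vnic> <lower-link> <scope>" for every VNIC in the table.
# scope: internal (over an etherstub), external (over any other listed
# link), unresolved (lower link missing from the table).
classify_vnics() {
    awk '
        $1 == "LINK" || NF < 5 { next }      # skip header and short lines
        { cls[$1] = $2 }
        $2 == "vnic" { order[++n] = $1; ov[$1] = $5 }
        END {
            for (i = 1; i <= n; i++) {
                v = order[i]; l = ov[v]
                if (!(l in cls)) scope = "unresolved"
                else if (cls[l] == "etherstub") scope = "internal"
                else scope = "external"
                print v, l, scope
            }
        }'
}

# Names of VNICs that are not confined to an etherstub.
exposed_vnics() {
    classify_vnics | awk '$3 != "internal" { print $1 }'
}

# Succeed only if every VNIC named in the arguments is internal.
check_internal() {
    table=$(classify_vnics); rc=0
    for v in "$@"; do
        scope=$(printf '%s\n' "$table" | awk -v v="$v" '$1 == v { print $3 }')
        if [ "$scope" != "internal" ]; then
            echo "FAIL: $v is ${scope:-missing}, expected internal" >&2
            rc=1
        fi
    done
    return $rc
}

printf '%s\n' "$SAMPLE" | classify_vnics
```

On a live system, pipe the output of dladm from the global zone into check_internal webarena1 dbarena1 instead of the sample; a non-zero exit means one of the named VNICs is not on the etherstub.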

Thank you for reading this article.
