crossbow discuss - Mar 2007 - IP Instances with VLAN''s

Hi,
how can ip instances be used with vlans ? Is that possible ?
I don''t know how to configure this, if I only have one interface (e.g.
bge0), and want to
assign e.g. bge1000 to a zone. Any cookbooks available ?

Thanks
Detlef

Hi Detlef

Detlef Drewanz wrote On 03/21/07 12:26,:
> Hi,
> how can ip instances be used with vlans ? Is that possible ?
Yes, it is very possible.
> I don''t know how to configure this, if I only have one interface
(e.g.
> bge0), and want to assign e.g. bge1000 to a zone. Any cookbooks available ?
set ip-type=exclusive

add net
set physical=bge1000
end

http://www.opensolaris.org/os/project/crossbow/CrossbowBeta/FeaturesOverview/
has good info

Steffen

reply-to set to alias.
> 
> Thanks
> Detlef
> _______________________________________________
> crossbow-discuss mailing list
> crossbow-discuss at opensolaris.org
> http://opensolaris.org/mailman/listinfo/crossbow-discuss

Steffen Weiberle wrote:
> Hi Detlef
> 
> Detlef Drewanz wrote On 03/21/07 12:26,:
>> Hi,
>> how can ip instances be used with vlans ? Is that possible ?
> 
> Yes, it is very possible.
> 
>> I don''t know how to configure this, if I only have one
interface (e.g.
>> bge0), and want to assign e.g. bge1000 to a zone. Any cookbooks 
>> available ?
> 
> set ip-type=exclusive
> 
> add net
> set physical=bge1000
> end
Also, if you don''t want to go through the sysid dialog the first time 
you boot the zone, you can drop IP configuration into 
$ZONEPATH/root/etc/sysidcfg before the first boot.
There are examples of sysidcfg syntax in

http://www.opensolaris.org/os/project/crossbow/Docs/si-interfaces.pdf

    Erik

Es funktioniert. :)  (now that I figured out what was wrong with my VLAN
configuration
on the switch)

zone141# ifconfig -a
lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232
index 1
         inet 127.0.0.1 netmask ff000000
bge1001: flags=201000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4,CoS> mtu 1500
index 3
         inet 129.154.53.34 netmask ffffff00 broadcast 129.154.53.255
         ether 0:3:ba:e3:42:8c
bge2001: flags=201000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4,CoS> mtu 1500
index 2
         inet 10.1.14.140 netmask ffffffc0 broadcast 10.1.14.191
         ether 0:3:ba:e3:42:8c

zone141# traceroute 10.1.14.130
traceroute: Warning: Multiple interfaces found; using 10.1.14.140 @ bge2001
traceroute to 10.1.14.130 (10.1.14.130), 30 hops max, 40 byte packets
  1  10.1.14.130 (10.1.14.130)  10.505 ms  0.261 ms  0.218 ms

zone141# traceroute 129.154.53.51
traceroute: Warning: Multiple interfaces found; using 129.154.53.34 @ bge1001
traceroute to 129.154.53.51 (129.154.53.51), 30 hops max, 40 byte packets
  1  129.154.53.51 (129.154.53.51)  2.368 ms  0.339 ms  0.222 ms

global# zonecfg -z zone141 info net
net:
         address not specified
         physical: bge2001
net:
         address not specified
         physical: bge1001

global# dladm show-link
bge0            type: non-vlan  mtu: 1500       device: bge0
bge1            type: non-vlan  mtu: 1500       device: bge1
bge2001         type: vlan 2    mtu: 1500       device: bge1
bge1001         type: vlan 1    mtu: 1500       device: bge1
bge2            type: non-vlan  mtu: 1500       device: bge2
bge3            type: non-vlan  mtu: 1500       device: bge3

Steffen

Detlef Drewanz wrote On 03/21/07 12:26,:
> Hi,
> how can ip instances be used with vlans ? Is that possible ?
> I don''t know how to configure this, if I only have one interface
(e.g.
> bge0), and want to assign e.g. bge1000 to a zone. Any cookbooks available ?
> 
> Thanks
> Detlef
> _______________________________________________
> crossbow-discuss mailing list
> crossbow-discuss at opensolaris.org
> http://opensolaris.org/mailman/listinfo/crossbow-discuss

Thanks, but I still do not get this to run.

I only have one interface bge0. If this is already bound to the global zone:
- Who will create the vlan tagged interfaces on that bge0 ?
	- the zoneadm during boot
	- do I have to ifconfig plumb bge1000
	- ?

Right now I tried with bge0 and bge1000 on the same interface, but 
did''nt used sysidcfg. So Iassumed that I can run in my zone now
ifconfig
bge1000 plumb. But this interface is not there because noone created it. 
Something must be wrong in my thinking ...

Detlef

Steffen Weiberle wrote, On 03/21/07 20:25:
> Es funktioniert. :)  (now that I figured out what was wrong with my VLAN 
> configuration
> on the switch)
> 
> zone141# ifconfig -a
> lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu
> 8232 index 1
>         inet 127.0.0.1 netmask ff000000
> bge1001: flags=201000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4,CoS> mtu
> 1500 index 3
>         inet 129.154.53.34 netmask ffffff00 broadcast 129.154.53.255
>         ether 0:3:ba:e3:42:8c
> bge2001: flags=201000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4,CoS> mtu
> 1500 index 2
>         inet 10.1.14.140 netmask ffffffc0 broadcast 10.1.14.191
>         ether 0:3:ba:e3:42:8c
> 
> zone141# traceroute 10.1.14.130
> traceroute: Warning: Multiple interfaces found; using 10.1.14.140 @ bge2001
> traceroute to 10.1.14.130 (10.1.14.130), 30 hops max, 40 byte packets
>  1  10.1.14.130 (10.1.14.130)  10.505 ms  0.261 ms  0.218 ms
> 
> zone141# traceroute 129.154.53.51
> traceroute: Warning: Multiple interfaces found; using 129.154.53.34 @ 
> bge1001
> traceroute to 129.154.53.51 (129.154.53.51), 30 hops max, 40 byte packets
>  1  129.154.53.51 (129.154.53.51)  2.368 ms  0.339 ms  0.222 ms
> 
> global# zonecfg -z zone141 info net
> net:
>         address not specified
>         physical: bge2001
> net:
>         address not specified
>         physical: bge1001
> 
> global# dladm show-link
> bge0            type: non-vlan  mtu: 1500       device: bge0
> bge1            type: non-vlan  mtu: 1500       device: bge1
> bge2001         type: vlan 2    mtu: 1500       device: bge1
> bge1001         type: vlan 1    mtu: 1500       device: bge1
> bge2            type: non-vlan  mtu: 1500       device: bge2
> bge3            type: non-vlan  mtu: 1500       device: bge3
> 
> Steffen
> 
> Detlef Drewanz wrote On 03/21/07 12:26,:
>> Hi,
>> how can ip instances be used with vlans ? Is that possible ?
>> I don''t know how to configure this, if I only have one
interface (e.g.
>> bge0), and want to assign e.g. bge1000 to a zone. Any cookbooks 
>> available ?
>>
>> Thanks
>> Detlef
>> _______________________________________________
>> crossbow-discuss mailing list
>> crossbow-discuss at opensolaris.org
>> http://opensolaris.org/mailman/listinfo/crossbow-discuss
> _______________________________________________
> crossbow-discuss mailing list
> crossbow-discuss at opensolaris.org
> http://opensolaris.org/mailman/listinfo/crossbow-discuss

Detlef Drewanz Wrote:
> Thanks, but I still do not get this to run.
> 
> I only have one interface bge0. If this is already bound to the global 
> zone:
> - Who will create the vlan tagged interfaces on that bge0 ?
>     - the zoneadm during boot
Yes, automatically.
>     - do I have to ifconfig plumb bge1000
No, if you do ifconfig plumb bge1000 in the Global zone before the
non-global zone boots, that non-global zone cannot use it. :-)
>     - ?
> 
> Right now I tried with bge0 and bge1000 on the same interface, but 
> did''nt used sysidcfg. So Iassumed that I can run in my zone now
ifconfig
> bge1000 plumb. But this interface is not there because noone created it. 
> Something must be wrong in my thinking ...
It is there, under /dev if you take a look, or that should be a bug. ;-)

Enjoy.

Donghai.
> 
> Detlef
> 
> Steffen Weiberle wrote, On 03/21/07 20:25:
> 
>> Es funktioniert. :)  (now that I figured out what was wrong with my 
>> VLAN configuration
>> on the switch)
>>
>> zone141# ifconfig -a
>> lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL>
mtu
>> 8232 index 1
>>         inet 127.0.0.1 netmask ff000000
>> bge1001: flags=201000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4,CoS>
mtu
>> 1500 index 3
>>         inet 129.154.53.34 netmask ffffff00 broadcast 129.154.53.255
>>         ether 0:3:ba:e3:42:8c
>> bge2001: flags=201000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4,CoS>
mtu
>> 1500 index 2
>>         inet 10.1.14.140 netmask ffffffc0 broadcast 10.1.14.191
>>         ether 0:3:ba:e3:42:8c
>>
>> zone141# traceroute 10.1.14.130
>> traceroute: Warning: Multiple interfaces found; using 10.1.14.140 @ 
>> bge2001
>> traceroute to 10.1.14.130 (10.1.14.130), 30 hops max, 40 byte packets
>>  1  10.1.14.130 (10.1.14.130)  10.505 ms  0.261 ms  0.218 ms
>>
>> zone141# traceroute 129.154.53.51
>> traceroute: Warning: Multiple interfaces found; using 129.154.53.34 @ 
>> bge1001
>> traceroute to 129.154.53.51 (129.154.53.51), 30 hops max, 40 byte
packets
>>  1  129.154.53.51 (129.154.53.51)  2.368 ms  0.339 ms  0.222 ms
>>
>> global# zonecfg -z zone141 info net
>> net:
>>         address not specified
>>         physical: bge2001
>> net:
>>         address not specified
>>         physical: bge1001
>>
>> global# dladm show-link
>> bge0            type: non-vlan  mtu: 1500       device: bge0
>> bge1            type: non-vlan  mtu: 1500       device: bge1
>> bge2001         type: vlan 2    mtu: 1500       device: bge1
>> bge1001         type: vlan 1    mtu: 1500       device: bge1
>> bge2            type: non-vlan  mtu: 1500       device: bge2
>> bge3            type: non-vlan  mtu: 1500       device: bge3
>>
>> Steffen
>>
>> Detlef Drewanz wrote On 03/21/07 12:26,:
>>
>>> Hi,
>>> how can ip instances be used with vlans ? Is that possible ?
>>> I don''t know how to configure this, if I only have one
interface
>>> (e.g. bge0), and want to assign e.g. bge1000 to a zone. Any
cookbooks
>>> available ?
>>>
>>> Thanks
>>> Detlef
>>> _______________________________________________
>>> crossbow-discuss mailing list
>>> crossbow-discuss at opensolaris.org
>>> http://opensolaris.org/mailman/listinfo/crossbow-discuss
>>
>> _______________________________________________
>> crossbow-discuss mailing list
>> crossbow-discuss at opensolaris.org
>> http://opensolaris.org/mailman/listinfo/crossbow-discuss
> 
> 
> _______________________________________________
> crossbow-discuss mailing list
> crossbow-discuss at opensolaris.org
> http://opensolaris.org/mailman/listinfo/crossbow-discuss

Hi Detlef,

Detlef Drewanz wrote On 03/21/07 18:42,:
> Thanks, but I still do not get this to run.
> 
> I only have one interface bge0. If this is already bound to the global 
> zone:
> - Who will create the vlan tagged interfaces on that bge0 ?
>     - the zoneadm during boot
>     - do I have to ifconfig plumb bge1000
Yes, from the non-global zone.

Then dladm will show it. I don''t know how to probe the interface to
query
which VLAN tags are available.

You should also be able to do this from the global zone, but I am not sure
if it will allow that if the zone is already configured.
>     - ?
> 
> Right now I tried with bge0 and bge1000 on the same interface, but 
> did''nt used sysidcfg. So Iassumed that I can run in my zone now
ifconfig
I did not use sysidcfg. I plumbed manually from the NGZ.

I was able to ''ifconfig bge3001 plumb'' from the global, even
though there
is no VLAN with that tag configured on the switch.
> bge1000 plumb. But this interface is not there because noone created it. 
> Something must be wrong in my thinking ...
> 
> Detlef
> 
> Steffen Weiberle wrote, On 03/21/07 20:25:
> 
>> Es funktioniert. :)  (now that I figured out what was wrong with my 
>> VLAN configuration
>> on the switch)
>>
>> zone141# ifconfig -a
>> lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL>
mtu
>> 8232 index 1
>>         inet 127.0.0.1 netmask ff000000
>> bge1001: flags=201000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4,CoS>
mtu
>> 1500 index 3
>>         inet 129.154.53.34 netmask ffffff00 broadcast 129.154.53.255
>>         ether 0:3:ba:e3:42:8c
>> bge2001: flags=201000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4,CoS>
mtu
>> 1500 index 2
>>         inet 10.1.14.140 netmask ffffffc0 broadcast 10.1.14.191
>>         ether 0:3:ba:e3:42:8c
>>
>> zone141# traceroute 10.1.14.130
>> traceroute: Warning: Multiple interfaces found; using 10.1.14.140 @ 
>> bge2001
>> traceroute to 10.1.14.130 (10.1.14.130), 30 hops max, 40 byte packets
>>  1  10.1.14.130 (10.1.14.130)  10.505 ms  0.261 ms  0.218 ms
>>
>> zone141# traceroute 129.154.53.51
>> traceroute: Warning: Multiple interfaces found; using 129.154.53.34 @ 
>> bge1001
>> traceroute to 129.154.53.51 (129.154.53.51), 30 hops max, 40 byte
packets
>>  1  129.154.53.51 (129.154.53.51)  2.368 ms  0.339 ms  0.222 ms
>>
>> global# zonecfg -z zone141 info net
>> net:
>>         address not specified
>>         physical: bge2001
>> net:
>>         address not specified
>>         physical: bge1001
>>
>> global# dladm show-link
>> bge0            type: non-vlan  mtu: 1500       device: bge0
>> bge1            type: non-vlan  mtu: 1500       device: bge1
>> bge2001         type: vlan 2    mtu: 1500       device: bge1
>> bge1001         type: vlan 1    mtu: 1500       device: bge1
>> bge2            type: non-vlan  mtu: 1500       device: bge2
>> bge3            type: non-vlan  mtu: 1500       device: bge3
>>
>> Steffen
>>
>> Detlef Drewanz wrote On 03/21/07 12:26,:
>>
>>> Hi,
>>> how can ip instances be used with vlans ? Is that possible ?
>>> I don''t know how to configure this, if I only have one
interface
>>> (e.g. bge0), and want to assign e.g. bge1000 to a zone. Any
cookbooks
>>> available ?
>>>
>>> Thanks
>>> Detlef
>>> _______________________________________________
>>> crossbow-discuss mailing list
>>> crossbow-discuss at opensolaris.org
>>> http://opensolaris.org/mailman/listinfo/crossbow-discuss
>>
>> _______________________________________________
>> crossbow-discuss mailing list
>> crossbow-discuss at opensolaris.org
>> http://opensolaris.org/mailman/listinfo/crossbow-discuss
> 
> 
> _______________________________________________
> crossbow-discuss mailing list
> crossbow-discuss at opensolaris.org
> http://opensolaris.org/mailman/listinfo/crossbow-discuss

Dong-Hai Han wrote On 03/21/07 22:33,:
> Detlef Drewanz Wrote:
> 
>> Thanks, but I still do not get this to run.
>>
>> I only have one interface bge0. If this is already bound to the global 
>> zone:
>> - Who will create the vlan tagged interfaces on that bge0 ?
>>     - the zoneadm during boot
> 
> Yes, automatically.
> 
>>     - do I have to ifconfig plumb bge1000
> 
> No, if you do ifconfig plumb bge1000 in the Global zone before the
> non-global zone boots, that non-global zone cannot use it. :-)
I have confirmed both of these, and even with new VLANs that are not
configured on the switch. With the zone having been booted, the /dev
entries were created and dladm shows them.
> 
>>     - ?
>>
>> Right now I tried with bge0 and bge1000 on the same interface, but 
>> did''nt used sysidcfg. So Iassumed that I can run in my zone
now
>> ifconfig bge1000 plumb. But this interface is not there because noone 
>> created it. Something must be wrong in my thinking ...
> 
> It is there, under /dev if you take a look, or that should be a bug. ;-)
I see these. System is v210 running nv60.

Detlef, what are you running? Is this on your laptop (F3400)?

Steffen
> 
> Enjoy.
> 
> Donghai.
> 
>>
>> Detlef
>>
>> Steffen Weiberle wrote, On 03/21/07 20:25:
>>
>>> Es funktioniert. :)  (now that I figured out what was wrong with my
>>> VLAN configuration
>>> on the switch)
>>>
>>> zone141# ifconfig -a
>>> lo0:
flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu
>>> 8232 index 1
>>>         inet 127.0.0.1 netmask ff000000
>>> bge1001:
flags=201000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4,CoS> mtu
>>> 1500 index 3
>>>         inet 129.154.53.34 netmask ffffff00 broadcast
129.154.53.255
>>>         ether 0:3:ba:e3:42:8c
>>> bge2001:
flags=201000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4,CoS> mtu
>>> 1500 index 2
>>>         inet 10.1.14.140 netmask ffffffc0 broadcast 10.1.14.191
>>>         ether 0:3:ba:e3:42:8c
>>>
>>> zone141# traceroute 10.1.14.130
>>> traceroute: Warning: Multiple interfaces found; using 10.1.14.140 @
>>> bge2001
>>> traceroute to 10.1.14.130 (10.1.14.130), 30 hops max, 40 byte
packets
>>>  1  10.1.14.130 (10.1.14.130)  10.505 ms  0.261 ms  0.218 ms
>>>
>>> zone141# traceroute 129.154.53.51
>>> traceroute: Warning: Multiple interfaces found; using 129.154.53.34
@
>>> bge1001
>>> traceroute to 129.154.53.51 (129.154.53.51), 30 hops max, 40 byte 
>>> packets
>>>  1  129.154.53.51 (129.154.53.51)  2.368 ms  0.339 ms  0.222 ms
>>>
>>> global# zonecfg -z zone141 info net
>>> net:
>>>         address not specified
>>>         physical: bge2001
>>> net:
>>>         address not specified
>>>         physical: bge1001
>>>
>>> global# dladm show-link
>>> bge0            type: non-vlan  mtu: 1500       device: bge0
>>> bge1            type: non-vlan  mtu: 1500       device: bge1
>>> bge2001         type: vlan 2    mtu: 1500       device: bge1
>>> bge1001         type: vlan 1    mtu: 1500       device: bge1
>>> bge2            type: non-vlan  mtu: 1500       device: bge2
>>> bge3            type: non-vlan  mtu: 1500       device: bge3
>>>
>>> Steffen
>>>
>>> Detlef Drewanz wrote On 03/21/07 12:26,:
>>>
>>>> Hi,
>>>> how can ip instances be used with vlans ? Is that possible ?
>>>> I don''t know how to configure this, if I only have one
interface
>>>> (e.g. bge0), and want to assign e.g. bge1000 to a zone. Any 
>>>> cookbooks available ?
>>>>
>>>> Thanks
>>>> Detlef
>>>> _______________________________________________
>>>> crossbow-discuss mailing list
>>>> crossbow-discuss at opensolaris.org
>>>> http://opensolaris.org/mailman/listinfo/crossbow-discuss
>>>
>>>
>>> _______________________________________________
>>> crossbow-discuss mailing list
>>> crossbow-discuss at opensolaris.org
>>> http://opensolaris.org/mailman/listinfo/crossbow-discuss
>>
>>
>>
>> _______________________________________________
>> crossbow-discuss mailing list
>> crossbow-discuss at opensolaris.org
>> http://opensolaris.org/mailman/listinfo/crossbow-discuss
> 
> 
> _______________________________________________
> crossbow-discuss mailing list
> crossbow-discuss at opensolaris.org
> http://opensolaris.org/mailman/listinfo/crossbow-discuss

Steffen Weiberle Wrote:
> Dong-Hai Han wrote On 03/21/07 22:33,:
> 
>> Detlef Drewanz Wrote:
>>
>>> Thanks, but I still do not get this to run.
>>>
>>> I only have one interface bge0. If this is already bound to the 
>>> global zone:
>>> - Who will create the vlan tagged interfaces on that bge0 ?
>>>     - the zoneadm during boot
>>
>>
>> Yes, automatically.
>>
>>>     - do I have to ifconfig plumb bge1000
>>
>>
>> No, if you do ifconfig plumb bge1000 in the Global zone before the
>> non-global zone boots, that non-global zone cannot use it. :-)
> 
> 
> I have confirmed both of these, and even with new VLANs that are not
> configured on the switch. With the zone having been booted, the /dev
> entries were created and dladm shows them.
Thanks.

Yes, you don''t have to relying on the switch to create bge1000, but
you will need it if you want to communicate with other machines.

To do tests, you can connect two zones back-to-back, and VLAN will just
work.

Best,

Donghai.

Hi Donghai,

Dong-Hai Han wrote On 03/21/07 23:30,:
> Steffen Weiberle Wrote:
> 
>> Dong-Hai Han wrote On 03/21/07 22:33,:
>>
>>> Detlef Drewanz Wrote:
>>>
>>>> Thanks, but I still do not get this to run.
>>>>
>>>> I only have one interface bge0. If this is already bound to the
>>>> global zone:
>>>> - Who will create the vlan tagged interfaces on that bge0 ?
>>>>     - the zoneadm during boot
>>>
>>> Yes, automatically.
>>>
>>>>     - do I have to ifconfig plumb bge1000
>>>
>>> No, if you do ifconfig plumb bge1000 in the Global zone before the
>>> non-global zone boots, that non-global zone cannot use it. :-)
>>
>> I have confirmed both of these, and even with new VLANs that are not
>> configured on the switch. With the zone having been booted, the /dev
>> entries were created and dladm shows them.
> 
> Thanks.
> 
> Yes, you don''t have to relying on the switch to create bge1000,
but
> you will need it if you want to communicate with other machines.
> 
> To do tests, you can connect two zones back-to-back, and VLAN will just
> work.
Not if they are both ip-type=exclusive, I hope! Unless (maybe if) the switch is
set up
to accept non-tagged frames.

Tried it and it did not work with each zone having its own IP Instance. But it
did work
within the global zone (same IP Instance).

Thanks,
Steffen
> 
> Best,
> 
> Donghai.
> _______________________________________________
> crossbow-discuss mailing list
> crossbow-discuss at opensolaris.org
> http://opensolaris.org/mailman/listinfo/crossbow-discuss

Steffen Weiberle wrote:
> Hi Donghai,
> 
> Dong-Hai Han wrote On 03/21/07 23:30,:
>> Steffen Weiberle Wrote:
>>
>>> Dong-Hai Han wrote On 03/21/07 22:33,:
>>>
>>>> Detlef Drewanz Wrote:
>>>>
>>>>> Thanks, but I still do not get this to run.
>>>>>
>>>>> I only have one interface bge0. If this is already bound to
the
>>>>> global zone:
>>>>> - Who will create the vlan tagged interfaces on that bge0 ?
>>>>>     - the zoneadm during boot
>>>>
>>>> Yes, automatically.
>>>>
>>>>>     - do I have to ifconfig plumb bge1000
>>>>
>>>> No, if you do ifconfig plumb bge1000 in the Global zone before
the
>>>> non-global zone boots, that non-global zone cannot use it. :-)
>>>
>>> I have confirmed both of these, and even with new VLANs that are
not
>>> configured on the switch. With the zone having been booted, the
/dev
>>> entries were created and dladm shows them.
>>
>> Thanks.
>>
>> Yes, you don''t have to relying on the switch to create
bge1000, but
>> you will need it if you want to communicate with other machines.
>>
>> To do tests, you can connect two zones back-to-back, and VLAN will just
>> work.
> 
> Not if they are both ip-type=exclusive, I hope! Unless (maybe if) the 
> switch is set up to accept non-tagged frames.
This is a little off-topic, but VLANs should work with ip-type=exclusive if 
each zone uses a different NIC (e.g. bge1, bge2), yes?
> Tried it and it did not work with each zone having its own IP Instance. 
> But it did work within the global zone (same IP Instance).

-- 
--------------------------------------------------------------------------
Jeff VICTOR              Sun Microsystems            jeff.victor @ sun.com
OS Ambassador            Sr. Technical Specialist
Solaris 10 Zones FAQ:    http://www.opensolaris.org/os/community/zones/faq
--------------------------------------------------------------------------

Thanks a lot Donghai, Steffen, Erik,
now it works for me. I am not sure what issue I had yesterday. Now I 
have it running on my laptop fr3400:

- Just have already plumbed bge0 in GZ.
- configure NGZ with ip-type=exclusive and net physical=bge2000
- zoneadm -z <zone> boot

And during the last stept the /dev/bge2000 gets created.

It''s important to remember how interface names with vlans get named:
(vlanid * 1000) + instance
for bge0 is instance = 0

Additional questions:
1. zoneadm creates also the interface links /dev/bgexxxx. How can one 
remove this links, if that interface is no longer needed ? Just rm 
/dev/bge1000 ? Or is there a special command ?

2. For the numbering schema one can create only one vlan tagged 
interface per VLANid per physical interface.
	So if:
	- only one physical interface is available
	- two zones should be created with exclusive stack
	- both zones should be on the same tagged VLAN

I assume this is will be with ip instances only possible, if two 
physical interfaces will be used, right ? (A shared stack is not allowed 
here)

Thanks
Detlef

Dong-Hai Han wrote, On 03/22/07 04:30:
> Steffen Weiberle Wrote:
>> Dong-Hai Han wrote On 03/21/07 22:33,:
>>
>>> Detlef Drewanz Wrote:
>>>
>>>> Thanks, but I still do not get this to run.
>>>>
>>>> I only have one interface bge0. If this is already bound to the
>>>> global zone:
>>>> - Who will create the vlan tagged interfaces on that bge0 ?
>>>>     - the zoneadm during boot
>>>
>>>
>>> Yes, automatically.
>>>
>>>>     - do I have to ifconfig plumb bge1000
>>>
>>>
>>> No, if you do ifconfig plumb bge1000 in the Global zone before the
>>> non-global zone boots, that non-global zone cannot use it. :-)
>>
>>
>> I have confirmed both of these, and even with new VLANs that are not
>> configured on the switch. With the zone having been booted, the /dev
>> entries were created and dladm shows them.
> Thanks.
> 
> Yes, you don''t have to relying on the switch to create bge1000,
but
> you will need it if you want to communicate with other machines.
> 
> To do tests, you can connect two zones back-to-back, and VLAN will just
> work.
> 
> Best,
> 
> Donghai.
> _______________________________________________
> crossbow-discuss mailing list
> crossbow-discuss at opensolaris.org
> http://opensolaris.org/mailman/listinfo/crossbow-discuss
-- 
Detlef Drewanz            Systems Engineer/OS Ambassador
Sun Microsystems GmbH     Phone: (+49 30) 747096 856
Komturstrasse 18a         mailto:detlef.drewanz at sun.com
D-12099 Berlin            http://blogs.sun.com/solarium
---
Sitz der Gesellschaft:
Sun Microsystems GmbH, Sonnenallee 1, D-85551 Kirchheim-Heimstetten
Amtsgericht Muenchen: HRB 161028
Geschaeftsfuehrer: Marcel Schneider, Wolfgang Engels, Dr. Roland Boemer
Vorsitzender des Aufsichtsrates: Martin Haering

Jeff Victor Wrote:
> 
> 
> Steffen Weiberle wrote:
> 
>> Hi Donghai,
>>
>> Dong-Hai Han wrote On 03/21/07 23:30,:
>>
>>> Steffen Weiberle Wrote:
>>>
>>>> Dong-Hai Han wrote On 03/21/07 22:33,:
>>>>
>>>>> Detlef Drewanz Wrote:
>>>>>
>>>>>> Thanks, but I still do not get this to run.
>>>>>>
>>>>>> I only have one interface bge0. If this is already
bound to the
>>>>>> global zone:
>>>>>> - Who will create the vlan tagged interfaces on that
bge0 ?
>>>>>>     - the zoneadm during boot
>>>>>
>>>>>
>>>>> Yes, automatically.
>>>>>
>>>>>>     - do I have to ifconfig plumb bge1000
>>>>>
>>>>>
>>>>> No, if you do ifconfig plumb bge1000 in the Global zone
before the
>>>>> non-global zone boots, that non-global zone cannot use it.
:-)
>>>>
>>>>
>>>> I have confirmed both of these, and even with new VLANs that
are not
>>>> configured on the switch. With the zone having been booted, the
/dev
>>>> entries were created and dladm shows them.
>>>
>>>
>>> Thanks.
>>>
>>> Yes, you don''t have to relying on the switch to create
bge1000, but
>>> you will need it if you want to communicate with other machines.
>>>
>>> To do tests, you can connect two zones back-to-back, and VLAN will
just
>>> work.
>>
>>
>> Not if they are both ip-type=exclusive, I hope! Unless (maybe if) the 
>> switch is set up to accept non-tagged frames.
> 
> 
> This is a little off-topic, but VLANs should work with ip-type=exclusive 
> if each zone uses a different NIC (e.g. bge1, bge2), yes?
Different zones could use same NIC if their VLAN ID is different, for
example, you could assign bge33001 to zone1, whiel zone2 could use
bge34001.

Of course, if you want those two zones to talk to each other, you should
use differen NIC-s, and same VLAN ID,

Best,

Donghai.

Steffen Weiberle Wrote:
> Hi Donghai,
> 
> Dong-Hai Han wrote On 03/21/07 23:30,:
> 
>> Steffen Weiberle Wrote:
>>
>>> Dong-Hai Han wrote On 03/21/07 22:33,:
>>>
>>>> Detlef Drewanz Wrote:
>>>>
>>>>> Thanks, but I still do not get this to run.
>>>>>
>>>>> I only have one interface bge0. If this is already bound to
the
>>>>> global zone:
>>>>> - Who will create the vlan tagged interfaces on that bge0 ?
>>>>>     - the zoneadm during boot
>>>>
>>>>
>>>> Yes, automatically.
>>>>
>>>>>     - do I have to ifconfig plumb bge1000
>>>>
>>>>
>>>> No, if you do ifconfig plumb bge1000 in the Global zone before
the
>>>> non-global zone boots, that non-global zone cannot use it. :-)
>>>
>>>
>>> I have confirmed both of these, and even with new VLANs that are
not
>>> configured on the switch. With the zone having been booted, the
/dev
>>> entries were created and dladm shows them.
>>
>>
>> Thanks.
>>
>> Yes, you don''t have to relying on the switch to create
bge1000, but
>> you will need it if you want to communicate with other machines.
>>
>> To do tests, you can connect two zones back-to-back, and VLAN will just
>> work.
> 
> 
> Not if they are both ip-type=exclusive, I hope! Unless (maybe if) the 
> switch is set up
> to accept non-tagged frames.
> 
> Tried it and it did not work with each zone having its own IP Instance. 
> But it did work
> within the global zone (same IP Instance).
What I wanted to say is that two exclusive IP zones using VLANs on
different physical NIC-s, with same VLAN ID could talk to each other,
using back-to-back links, no switch setup is needed.

Best,

Donghai.

Detlef Drewanz Wrote:
> Thanks a lot Donghai, Steffen, Erik,
> now it works for me. I am not sure what issue I had yesterday. Now I 
> have it running on my laptop fr3400:
> 
> - Just have already plumbed bge0 in GZ.
> - configure NGZ with ip-type=exclusive and net physical=bge2000
> - zoneadm -z <zone> boot
> 
> And during the last stept the /dev/bge2000 gets created.
> 
> It''s important to remember how interface names with vlans get
named:
> (vlanid * 1000) + instance
> for bge0 is instance = 0
> 
> Additional questions:
> 1. zoneadm creates also the interface links /dev/bgexxxx. How can one 
> remove this links, if that interface is no longer needed ? Just rm 
> /dev/bge1000 ? Or is there a special command ?
En, rm is your friend here. ;-)
> 
> 2. For the numbering schema one can create only one vlan tagged 
> interface per VLANid per physical interface.
>     So if:
>     - only one physical interface is available
>     - two zones should be created with exclusive stack
>     - both zones should be on the same tagged VLAN
> 
> I assume this is will be with ip instances only possible, if two 
> physical interfaces will be used, right ? (A shared stack is not allowed 
> here)
No, if you have only one physical interface, you can''t do this, for
zones, a VLAN (like bge33000) is the same as a NIC (like bge0), so "same
  tagged VLAN" on "one physical interface" cannot be used in more
than
two running zones (if those two zones will not be running at the same
time, you can do this, thought I don''t think it is what you wanted).

And yes, if you have two NIC-s, you can do assign same VLAN ID to them,
on different NIC of course.

Best,

Donghai.




> 
> Thanks
> Detlef
> 
> Dong-Hai Han wrote, On 03/22/07 04:30:
> 
>> Steffen Weiberle Wrote:
>>
>>> Dong-Hai Han wrote On 03/21/07 22:33,:
>>>
>>>> Detlef Drewanz Wrote:
>>>>
>>>>> Thanks, but I still do not get this to run.
>>>>>
>>>>> I only have one interface bge0. If this is already bound to
the
>>>>> global zone:
>>>>> - Who will create the vlan tagged interfaces on that bge0 ?
>>>>>     - the zoneadm during boot
>>>>
>>>>
>>>>
>>>> Yes, automatically.
>>>>
>>>>>     - do I have to ifconfig plumb bge1000
>>>>
>>>>
>>>>
>>>> No, if you do ifconfig plumb bge1000 in the Global zone before
the
>>>> non-global zone boots, that non-global zone cannot use it. :-)
>>>
>>>
>>>
>>> I have confirmed both of these, and even with new VLANs that are
not
>>> configured on the switch. With the zone having been booted, the
/dev
>>> entries were created and dladm shows them.
>>
>> Thanks.
>>
>> Yes, you don''t have to relying on the switch to create
bge1000, but
>> you will need it if you want to communicate with other machines.
>>
>> To do tests, you can connect two zones back-to-back, and VLAN will just
>> work.
>>
>> Best,
>>
>> Donghai.
>> _______________________________________________
>> crossbow-discuss mailing list
>> crossbow-discuss at opensolaris.org
>> http://opensolaris.org/mailman/listinfo/crossbow-discuss
> 
>

Dong-Hai Han wrote On 03/22/07 23:00,:
>>> Yes, you don''t have to relying on the switch to create
bge1000, but
>>> you will need it if you want to communicate with other machines.
>>>
>>> To do tests, you can connect two zones back-to-back, and VLAN will
just
>>> work.
>>
>>
>>
>> Not if they are both ip-type=exclusive, I hope! Unless (maybe if) the 
>> switch is set up
>> to accept non-tagged frames.
>>
>> Tried it and it did not work with each zone having its own IP 
>> Instance. But it did work
>> within the global zone (same IP Instance).
> 
> What I wanted to say is that two exclusive IP zones using VLANs on
> different physical NIC-s, with same VLAN ID could talk to each other,
> using back-to-back links, no switch setup is needed.
Got it. You mean back-to-back with a cable. Get it. (I''m still tainted
by
intra system traffic behaviors.)

Steffen
> 
> Best,
> 
> Donghai.
> _______________________________________________
> crossbow-discuss mailing list
> crossbow-discuss at opensolaris.org
> http://opensolaris.org/mailman/listinfo/crossbow-discuss

I think you are looking for this?

http://docs.sun.com/app/docs/doc/816-4554/6maoq01nd?a=view

Looks like VLAN configuration also requires co-operation from the switch.
 
 
This message posted from opensolaris.org