16 October 2010

VLAN Tagged Interfaces (Solaris)

In order to use VLAN tagged interfaces in Solaris, one simply needs to
have an interface capable of handling VLAN tagging (can be determined by
the man page of the interface driver, ex: man bge, as well as man dladm).
Providing an interface supportive of VLAN tagging, one may configure the
interface in question.  (Note, it is assumed that the network port on
the switch, etc, has already been configured to support multiple VLANs.
If not, please discuss with Network Engineering.)  A VLAN tagged interface
is configured and managed primarily the same way that a standard interface
is, though with minor differences.  To configure the interface, there
are several bits of information one must be aware of:

- configured VLAN
  - the host's physical network interface to which the VLAN tagged
  - the host's physical network interface to which the VLAN tagged
    connection is connected to
  - the network configured relative to said VLAN

As an example, the connection going to bge1 is a VLAN tagged connection.
The vlan configured is 487, supporting network 192.19.20.0/24.  The following
commands will initialize the new interface to support this:

  /usr/sbin/ifconfig bge1 plumb
  /usr/sbin/ifconfig bge1 up
  /usr/sbin/ifconfig bge487001 plumb
  /usr/sbin/ifconfig bge487001 192.19.20.54 netmask 255.255.255.0 broadcast + up

The first line simply creates the bge1 interface (assuming it is not
already available) with the second line bringing bge1 online, though
unconfigured.  The third line creates a VLAN tagged interface on bge1
for VLAN 487.  Line four configures the new interface (bge487001) to
IP address 192.19.20.54 with a class c netmask.  The naming involved in
this interface is the determinable factor in which vlan the interface
is associated with.  A break down of how this name is composed is:

  driver-name + VLAN_ID * 1000 + device-instance

                        thus

        bge + 487 * 1000 + 1 = bge487001

This restriction of interface naming in Solaris allows for one to
easily determine what the parent interface is (bge1) and to what VLAN
the interface functions on (487).  Of note, in order to use the VLAN
tagged interface, the parent interface (bge1) must be online (up).

To bring a VLAN tagged interface up at boot time, it is handled the
same way that any other Solaris network interface would be managed.
In the above scenario, there would be a file at /etc/hostname.bge1 and
another at /etc/hostname.bge487001.  The contents of hostname.bge1 would
essentially configure the interface to a null IP address and bring it up:

        0.0.0.0
        up

The contents of hostname.bge487001 would contain the following:

        HOSTNAME
        netmask 255.255.255.0 broadcast + up

(HOSTNAME in line 1 is relative to the hostname to which the intended IP
address assigned would resolve as through /etc/hosts, etc.  Alternatively,
one may simply present an IP address instead of HOSTNAME.)

Notes

During VLAN configuration, you have to specify the physical point of attachment, 
or PPA, of the VLAN. You obtain the PPA value by using this formula:

        driver-name + VID * 1000 + device-instance

Note that the device-instance number must be less than 1000.

For example, you would create the following PPA for a ce1 interface to be 
configured as part of VLAN 456:

        ce + 456 * 1000 + 1 = ce456001
see also:
    VLAN Tagging and Vanity Naming in Solaris 11